Legislative Activity
Cybersecurity Legislation Possible This Week
Last week, Senate leadership began the process of moving two cybersecurity bills – the Federal Information Security Modernization (FISMA) Act of 2014 (S. 2521) and the National Cybersecurity and Communications Integration Center (NCCIC) Act of 2014 (S. 2519) – to the floor to be considered under unanimous consent. S. 2521 would update FISMA, which is the current law that seeks to protect federal government information and security systems; S. 2519 would codify the role of the NCCIC at the U.S. Department of Homeland Security (DHS) and expand efforts with existing Information Sharing Analysis Centers (ISACs.) The House has previous passed two similar bills related to FISMA reform (H.R. 1163) and the NCCIC (H.R. 3696). While both of the House bills passed with strong bipartisan support, it is unclear whether there will be any Senators that object to final passage of these bills and may prevent them from moving forward under unanimous consent.
National Defense Authorization Act Cyber Provisions
Last week, the House passed its version of the National Defense Authorization Act (NDAA) which included a number of provisions related to cybersecurity for the U.S. Department of Defense (DOD). The Senate plans to vote on the bill early this week. The legislation adds cybersecurity to DOD’s list of major force programs, which highlights the imp0rtance of cybersecurity to the Department even though this addition is mainly symbolic. Additionally, after there have been many issues in recent years with breaches of contractor networks at DOD, the newest version of the NDAA bill requires the Department to establish a timeline and procedures for contractors to report network breaches and calls on DOD to designate a single office to receive those reports. The bill also requires a report to Congress on the cyberwarfare and hacking capabilities of China and Russia and gives authority to the President to sanction any foreign nationals that engage in cyber espionage of U.S. assets.
This Week’s Hearings:
- Wednesday, December 10: The Senate Banking, Housing and Urban Affairs Committee will hold a hearing titled “Cybersecurity: Enhancing Coordination to Protect the Finance Sector.” Officials from DHS, FBI, Secret Service and the Department of Treasury are scheduled to appear as witnesses.
Regulatory Activity
DHS to Hold Cybersecurity Webinars in January
DHS recently announced that it was planning to launch a new cybersecurity webinar series next month as part of its Critical Infrastructure Cyber Community (C3 or C-Cubed) Voluntary Program. The first webinar will be held on Wednesday, January 14 and will focus on building a cyber risk management community through the use of the National Institute of Standards and Technology (NIST) Cybersecurity Framework and C3 Program resources. DHS has not announced the dates for the other webinars in the series.