Legislative Activity

Committee Leaders Outline Cybersecurity Priorities

As the 114th Congress began last week, multiple Congressional committee leaders named cybersecurity as one of their top priorities for the next two years. In light of the recent Sony cyber attack, many Members of Congress have spoken out about the importance of considering cybersecurity legislation this year, including House Homeland Security Committee Chairman Michael McCaul (R-TX) and Senate Homeland Security and Governmental Affairs Committee Chairman Ron Johnson (R-WI). Legislation that would enhance the current information sharing platforms between the public and private sectors remains a priority for both chambers of Congress as well as the White House.  Senate Intelligence Committee Chairman Richard Burr (R-NC) has indicated that information sharing legislation is one of his priorities. While House Intelligence Committee Chairman Devin Nunes (R-CA) has yet to announce his priorities for the coming year, information sharing is likely to be at the top of his list of issues to address as well.

In addition to information sharing legislation, it is expected that a host of other  cybersecurity bills could be introduced including the creation of a national data breach notification standard; authorizing possible offensive cyber tactics; updating cyber crime laws; defining cyber warfare; and streamlining current regulations for private sector companies, as proposed in President Obama’s February 2013 cybersecurity Executive Order (EO). Additionally, there are many Congressional committees with oversight of cybersecurity issues and we are likely to see a number of hearings held on cybersecurity in the coming months.

Both Chairmen McCaul and Johnson have also said that starting on legislation to authorize the U.S. Department of Homeland Security (DHS) is also one of their priorities for the 114th Congress. Competing committees of jurisdiction over DHS have been hurdles to any of the committees being able to pass a comprehensive DHS bill.

House Homeland Security Cybersecurity Subcommittee Gets New Chairman

Last week, Chairman McCaul announced that Rep. John Ratcliffe (R-TX) will be the new chairman of the House Homeland Security Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies. Rep. Ratcliffe is serving his first term in Congress and will take over the position from Rep. Patrick Meehan (R-PA).

This Week’s Hearings:

  • Tuesday, January 13: The House Foreign Affairs Committee will host a hearing titled “Meeting: The North Korean Threat: Nuclear, Missiles and Cyber.” Officials from DHS, the U.S. Department of the Treasury, and the U.S. Department of State are scheduled to appear as witnesses.

Regulatory Activity

White House Will Announce Cybersecurity Proposal This Week

This week, President Obama plans to announce a series of legislative proposals and executive actions related to cybersecurity, privacy and Internet accessibility that will be part of his State of the Union address on January 20. The White House put together the proposed policy package after it met with industry representatives to formulate the plan, which will be rolled out over four days this week. Today, the President will visit the Federal Trade Commission (FTC) to announce an expansion of the BuySecure Initiative to the education sector. This initiative will be focused on consumer financial protection and builds off of his October EO to require government payment cards to use chip and PIN technology. On Tuesday, the President will visit DHS’s National Cybersecurity and Communications Integration Center (NCCIC) to talk about information sharing and will then go to Iowa on Wednesday to speak about his proposal to expand affordable access to broadband Internet.  Additionally, Vice President Joe Biden will be in Norfolk, Virginia on Thursday to announce new funding that will be available to help train cybersecurity professionals.

NIST Will Hold an Information Security and Privacy Advisory Board Meeting in February

The National Institute of Standards and Technology (NIST) will hold a three-day meeting of its Information Sharing and Privacy Advisory Board from February 11-13. The meetings will be open to the public and will cover a range of issues including continuous monitoring and continuous diagnostics and mitigation, updates on the NIST Cybersecurity Framework and the President’s EO, the development of NIST cryptographic standards, and the legislation passed in December to update the Federal Information Security Management Act. Additionally, the meeting will also feature presentations from the Department of Justice’s cybersecurity unit and the National Security Agency’s privacy officer.