Rep. Jim Langevin, D-RI, introduced a bill on Wednesday that aims to hold the U.S. Department of Homeland Security responsible for investigating every cyber attack and for shoring up its network security.
The bill would better define the roles and responsibilities of the agency's chief information officer, require that the department reduce the number of successful attacks against its networks and mandate that the DHS investigate the state of contractors' network security before signing a contract with them. The bill comes after more than a year of investigations by the House of Representative's Committee for Homeland Security into cybersecurity breaches at numerous government agencies. Rep. Langevin heads up the Subcommittee on Emerging Threats, Cybersecurity and Science & Technology, which has held most of the hearings on the issues.
"The security of our federal and critical infrastructure networks is an issue of national security," Rep. Langevin said in a statement. "Through my many cyber hearings it has become clear that an organization is only as strong as the integrity and reliability of the information that it keeps. Therefore we must make cybersecurity a national priority."
While U.S. government agencies have shown slow improvement, they have continued to score low grades in the annual report on their compliance with the Federal Information Security Management Act (FISMA) of 2002. Most federal agencies are behind an aggressive timetable for switching over all government desktop systems to a set of standard configurations designed to be more secure. Know as the Federal Desktop Core Configuration (FDCC), the initiative is part of a broader program known as the Comprehensive National Cybersecurity Initiative (CNCI), embarked upon by the Bush Administration in January.
The bill has been designated the Homeland Security Network Defense and Accountability Act of 2008 (H.R. 5983).
If you have tips or insights on this topic, please contact SecurityFocus.
Posted by: Robert Lemos