[Congressional Record: June 16, 2010 (Extensions)]
[Page E1123]
PROTECTING CYBERSPACE AS A NATIONAL ASSET ACT OF 2010
______
HON. JANE HARMAN
of california
in the house of representatives
Wednesday, June 16, 2010
Ms. HARMAN. Madam Speaker, the stark image on millions of television
screens around the world is of a broken pipe one mile underwater,
spewing tens of thousands of gallons of oil into the ocean each day.
This deadly and disturbing horror could be replicated should we have
a major cyber attack--broken networks spewing tens of thousands of
terabytes of information about critical infrastructure, national
security, mission-critical data and personal financial records.
Indeed, damage caused by the worst environmental disaster in U.S.
history could pale in comparison to the chaos that could ensue after a
major cyber attack.
So today, Madam Speaker, I am pleased to introduce with Rep. Peter
King the companion bill to S. 3480, The Protecting Cyberspace as a
National Asset Act of 2010. Authored by Senators Lieberman, Collins and
Carper, S. 3480 was the subject of a legislative hearing yesterday in
the Senate, and is moving there on a fast track.
In the words of former Assistant Secretary of Homeland Security for
Policy Stewart Baker, ``we are going to have a meltdown'' if we fail to
act to protect our cyber networks.
Right now we are chasing the problem. We need to get ahead of it. As
described in the report released today by the Government Accountability
Office--we face daunting challenges in tackling this problem,
including: a lack of sustained leadership, insufficient resources,
authority to enforce actions in the event of an imminent cyber attack,
the need to partner with other federal agencies and private sector
entities and insufficient education and training.
All of which this bill aims to correct.
First, the bill would establish a coordinating mechanism at the White
House--an Office of Cyberspace Policy--to develop a national strategy
for securing and improving the resiliency of cyberspace.
Second, it would create a National Center for Cybersecurity and
Communications at the Department of Homeland Security to identify and
mitigate cyber vulnerabilities. The Center would be charged with
providing situational awareness, conducting risk-based assessments of
threats, identifying vulnerabilities, managing external access points
for federal networks, overseeing operations of US-CERT, and working
with the private sector to establish security requirements to
strengthen vital components of critical infrastructure like the
electric grid and telecommunications networks.
Third, the key section of the bill provides the President with
authority--in consultation with Congress--to impose emergency security
measures on critical infrastructure networks in the event of a
catastrophic cyber attack. Presently, this authority is ad hoc.
Fourth, this legislation requires development of a supply chain risk
management strategy to address risks and threats to information
technology products and services upon which the federal government
relies.
Finally, the bill requires the new Department of Homeland Security
Cybersecurity Office to consult with the Privacy & Civil Liberties
Oversight Board mandated in the 2004 Intelligence Reform & Terrorism
Prevention Act. Sadly, this Administration has yet to nominate
individuals to serve on the Board. Additionally, the Director of the
National Center for Cybersecurity and Communications is required to
designate a privacy officer to review activities of the Center and
conduct privacy impact assessments to ensure information is being
collected in a manner that protects privacy and civil liberties of U.S.
persons.
With strong leadership to implement it, this bill will plug the
gaping hole in our cyberdefenses--while we have the chance to do so--
and, hopefully, prevent another potential devastating disaster.
I urge its prompt enactment.
____________________
