The White House proposed cybersecurity legislation today that gives the Homeland Security Department oversight of federal civilian networks.
Federal News Radio reported in April that the proposal would give DHS cyber responsibilities for the .gov networks similar to the authorities the Defense Department has for the .mil networks.
A senior DHS official said the proposal will modernize the Federal Information Security Management Act (FISMA), which has been criticized as a paper-based process.
The White House proposal would streamline the threat detection system, giving DHS permanent authority over intrusion prevention systems with automated sensors that identify and block cyber intrusions and attacks on federal networks, according to according to White House statement.
The proposal also supports continuous monitoring of networks.
Breaches to critical infrastructure would be reported to DHS, the official said.
The administration is also calling for more recruitment of cyber professionals. The proposal would give DHS “more flexibility in hiring these individuals,” according to the White House statement.
“Our nation is at risk. The cybersecurity vulnerabilities in our government and critical infrastructure are a risk to national security, public safety, and economic prosperity,” according to the statement.
Members of both political parties have recognized the need to strengthen cybersecurity legislation. In the last session of Congress, lawmakers introduced about 50 cyber-related bills, according to the White House.
In a press briefing Thursday, White House Press Secretary Jay Carney said the administration expects bipartisan support for the proposal.
Carney said, “There’s a lot of legislation out there, so there are differences in details, obviously, with many other proposals. But the overall effort, the overall goal of this proposal is to better protect the American people from cyber crime and identity theft; to better safeguard critical infrastructure as well as the federal government’s computers and networks; and to better protect individuals’ privacy and civil liberties.”
The plan, however, does not impose fines on industry for insufficient cyber plans. Carney said the White House proposal instead offers a “strong incentive” for industry to strengthen cybersecurity.
The plans also does not include the creation of a cybersecurity director position.
“One of our nation’s major shortcomings is the lack of a single person with the right authority working to coordinate our efforts,” said Rep. Jim Langevin (D-R.I.) in a statement. Langevin said he had proposed creating a Director of a National Office for Cyberspace.
Members of the Senate Homeland Security and Governmental Affairs Committee said the White House plan is “on the same track” as the Senate in terms of giving DHS cyber authorities.
“We both recognize that the government and the private sector must work together to secure our nation’s most critical infrastructure, for example, our energy, water, financial, telecommunications, and transportation systems. We both call for risk-based assessments of the systems and assets that run that infrastructure,” according to the Statement from Senators Joe Lieberman (I-Conn.), Susan Collins (R-Maine) and Tom Carper (D-Del.)
Technology industry group TechAmerica noted the proposal highlights the need for government to “draw a bright line” between critical and non-critical infrastructure, and outline the implications with that label.
– Federal News Radio’s Jason Miller contributed to this story.