Cybersecurity Bill's Partnership

It was good to see the Homeland Security and Governmental Affairs Committee unanimously pass <a href="http://frwebgate.access.gpo.gov/cgi-bin/getdoc.cgi?dbname=111_cong_bills&docid=f:s3480is.txt.pdf">Senate bill 3480</a> out of committee on Tuesday. There were some <a href="http://cybersecurityreport.nextgov.com/2010/06/mccains_dirty_cyber_politics.php">concerns</a> raised at the initial hearing by Sens. John McCain, R-Ariz., and Roland Burris, D-Ill., about creating a National Center for Cybersecurity and Communications within the <a href="http://topics.nextgov.com/Homeland+Security+Department/">Homeland Security Department</a> (DHS) to implement cybersecurity policies. However, the provision remained in the bill.

It was good to see the Homeland Security and Governmental Affairs Committee unanimously pass Senate bill 3480 out of committee on Tuesday. There were some concerns raised at the initial hearing by Sens. John McCain, R-Ariz., and Roland Burris, D-Ill., about creating a National Center for Cybersecurity and Communications within the Homeland Security Department (DHS) to implement cybersecurity policies. However, the provision remained in the bill.

DHS is considered by most experts to be uniquely qualified, and to have the technical bodies to implement cybersecurity policy. In fact, the measure is one that was widely considered during President George W. Bush's second term.

The White House office, on the other hand, will be a much smaller outfit, and more focused on setting the policy than implementing it. However, the White House will have the authority and gravitas to ensure all federal agencies are complying with the guidelines put forth by DHS, and other agencies responsible for cybersecurity. This was something the Office of Management and Budget (OMB) has had trouble doing for years. Some of the White House's additional roles include:

"Develop, not later than 1 year after the date of enactment of this Act, and update as needed, but not less frequently than once every 2 years, a national strategy to increase the security and resiliency of cyberspace, that includes goals and objectives relating to --"

The bill goes on to list computer network operations, information assurance, protection of critical infrastructure, research and development, diplomacy, homeland security and military and intelligence activities.

Opponents are right to note this will make government larger. And I didn't get a clear feel within the bill's text for how the White House and DHS will work together in concert to set the policy and implement it. But the bill's proposed setup is much more fluid than what we have on the books now and will enable the White House to cut through the bureaucratic red tape that has plagued OMB for years. It also will ensure that continuous monitoring is implemented across federal agencies, saving hundreds of millions of dollars a year. In short, the bill might not be perfectly written to date, but its philosophies are in order.

When the bill might actually make it to the floor is up in the air. There have been conflicting reports, but bill sponsor Joe Lieberman, I-Conn., said Senate Majority Leader Harry Reid, D-Nev., would like the bill voted on before the end of the year.