Phil Reitinger, the outgoing Department of Homeland Security Deputy Under Secretary for the National Protection and Programs Directorate, called on Congress to approve the Obama Administration’s legislative proposal to bolster the nation’s cybersecurity defenses in a number of areas.
“Our Nation is at risk,” Reitinger said Monday before Senate Homeland Security and Governmental Affairs Committee. “The cybersecurity vulnerabilities in our government and critical infrastructure are a risk to national security, public safety, and economic prosperity. The Administration has responded to Congress’ call for input on the cybersecurity legislation that our Nation needs, and we look forward to engaging with Congress as they move forward on this issue.”
Some of his key points on the proposal:
- State data breach reporting laws have helped consumers by incentivizing business to have better online security. The proposal helps businesses by simplifying and standardizing the existing patchwork of 47 state laws that contain these requirements with a clear and unified nationwide requirement.
- The proposal would increase penalties for computer criminals, applying laws underneath the Racketeering Influenced and Corrupt Organizations Act.
- Will enable DHS to quickly help a private-sector company, state, or local government when that organization asks for help. It also clarifies the type of assistance that DHS can provide to the requesting organization.
- Critical-infrastructure operators would need to show more transparency to help market forces ensure that critical-infrastructure operators are accountable for their cybersecurity.
- Update the Federal Information Security Management Act (FISMA) and formalize DHS’ current role in managing cybersecurity for the Federal Government’s civilian computers and networks, in order to provide departments and agencies with a shared source of expertise. The legislation would also promote the ongoing transformation of FISMA toward increased automation and performance based security measures.
- The Federal Government has embraced cloud computing, where computer services and applications are run remotely over the Internet. Cloud computing can reduce costs, increase security, and help the government take advantage of the latest private sector innovations. This new industry should not be crippled by protectionist measures, so the proposal prevents states from requiring companies to build their data centers in that state, except where expressly authorized by federal law.