Standards, Regulations & Compliance

5 Things You Didn't Know About Cybersecurity Bill

Licensing IT Security Pros Among Provisions
5 Things You Didn't Know About Cybersecurity Bill
Cybersecurity legislation - Senate Bill 773 - introduced by Sen. Jay Rockefeller, D.-W.Va., earlier this month received a lot of attention -- in part because of a provision to allow the president to declare a cybersecurity emergency and shutdown Internet traffic to and from government IT systems and the nation's critical IT infrastructure.

But portions of the bill that aren't as provocative failed to gain much attention, yet they would have a greater impact on the everyday working lives of government employees charged with providing IT security and to the citizens and businesses they serve to protect. Here are five of lesser-known provisions of the legislation:

  1. Licensing Cybersecurity Pros: Three years after Congress enacts the legislation, anyone providing cybersecurity services to the federal government or elements of the nation's critical IT infrastructure designated by the president must be licensed under a program developed under the direction of the Commerce secretary.

  2. Cybersecurity Dashboard: The Commerce Department, working with the Office of Management and Budget, will develop a plan to create a system to provide dynamic, comprehensive, real-time cybersecurity status and vulnerability information for all federal IT systems and networks managed by the Commerce Department. If such a dashboard is created, it likely would be adopted by other government agencies.

  3. New Metrics:Within one year of enactment, the National Institute of Standards and Technology will establish measurable and auditable cybersecurity standards for all federal agencies, contractors and designated critical infrastructure systems and networks.

  4. National Cybersecurity Awareness Campaign: The Commerce Secretary will implement a national cybersecurity awareness campaign designed to heighten pubic awareness of cybersecurity concerns that communicates the government's role in securing the Internet and protecting the privacy and civil liberties with respect to Internet activities.

  5. Cybersecurity Risk Management Report: The president will report to Congress within a year of the bill's enactment the feasibility of creating a market for cybersecurity risk management, including the creation of a system of civil liability and insurance including government reinsurance and requiring cybersecurity to be a factor in all bond ratings.

About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.