Bill to Give Cyber Director Broad Budget PowerMeasure Would Establish National Cyberspace Office in White House
The Executive Cyberspace Authorities Act of 2010 - offered by Reps. Jim Langevin (pictured), D.-R.I. and Michael McCaul, R.-Texas - goes farther than other bills before Congress that propose a White House cyberspace office by authorizing the director to review and approve each civilian federal agency budget relating to the protection of IT assets.
President Obama last December named Howard Schmidt to the newly created White House post of cybersecurity coordinator, a job that did not require Senate confirmation. The commission - sponsored by the Center for Strategic and International Studies, a bipartisan public policy institute - made a series of recommendations in late 2008, including the establishment an office of cyberspace in the White House, with its head confirmed by the Senate. The bill would provide the director with a seat on the National Security Council.
"While the president's establishment of a cybersecurity coordinator was an encouraging step, the position was not given the proper authorities to adequately secure our networks and coordinate IT policy across government," Langevin, who co-chairs the House Cybersecurity Caucus with McCaul, said in a statement. "Our legislation aims to enhance this position, giving it more authority."
According Langevin and McCaul, the bill would direct that each civilian agency to include with its annual budget a:
- Review of threats faced by the agency to its information security systems.
- Plan to secure the agency's IT infrastructure, based upon National Institute of Standards and Technology guidelines and recommendations.
- Description of agency compliance with its established IT practices, including compliance with the Federal Information Security Management Act.
- Report on development of secure identity and authentification processes.
Under the measure, the cyberspace director may recommend that the president withhold awards and bonuses for specific agencies that fail to make adequate efforts to secure their IT infrastructure in their budgets. The cyberspace director also would be responsible for annually providing to Congress an assessment of agency progress in developing and implementing IT policies, significant agency deficiencies and planned remedial action.
Listen to our June 2009 interview Rep. James Langevin.