Standards, Regulations & Compliance

Bill Would Create DHS Cyber Compliance Unit

House Democrats Introduce Measure in Their Waning Days of Power
Bill Would Create DHS Cyber Compliance Unit
The conventional wisdom that Congress will not enact significant IT security legislation during the lame-duck session hasn't deterred a group of Democratic lawmakers from introducing another cybersecurity bill.

Known as the Homeland Security Cyber and Physical Infrastructure Protection Act of 2010, the legislation would create a new cybersecurity compliance division within the Department of Homeland Security to oversee the establishment of performance-based standards to address particular security risks facing the IT systems of civilian federal government agencies and the information networks tied to the nation's critical infrastructure.

The bill also would require DHS to work with the operators of the mostly privately owned critical infrastructure to develop security plans that meet risk- and performance-based standards, similar to those required by law to secure the chemical industry. The measure also would oblige DHS to share threat intelligence information with critical infrastructure operators.

"From a security and good-government standpoint, the way to deliver better cybersecurity is to leverage, modify, and enhance existing structures and efforts, rather than make wholesale bureaucratic changes," House Homeland Security Committee Chairman Bennie Thompson, D-Miss., said in a statement. "This bill will make our Nation more secure and better positions DHS - the 'focal point for the security of cyberspace' - to fulfill its critical homeland security mission."

Besides Thompson, thee chairs of two of the panel's subcommittees - Reps. Jane Harman, D-Calif., and Yvette Clarke, D-N.Y. - also sponsored the bill. The timing of the bill's introduction occurs weeks before Republicans take control of the House, and all three sponsors will lose their chairmanships - and influence over the cybersecurity agenda in Congress - when they become part of the chamber's minority party.

About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.