Standards, Regulations & Compliance
Bill Would Create DHS Cyber Compliance UnitHouse Democrats Introduce Measure in Their Waning Days of Power
Known as the Homeland Security Cyber and Physical Infrastructure Protection Act of 2010, the legislation would create a new cybersecurity compliance division within the Department of Homeland Security to oversee the establishment of performance-based standards to address particular security risks facing the IT systems of civilian federal government agencies and the information networks tied to the nation's critical infrastructure.
The bill also would require DHS to work with the operators of the mostly privately owned critical infrastructure to develop security plans that meet risk- and performance-based standards, similar to those required by law to secure the chemical industry. The measure also would oblige DHS to share threat intelligence information with critical infrastructure operators.
"From a security and good-government standpoint, the way to deliver better cybersecurity is to leverage, modify, and enhance existing structures and efforts, rather than make wholesale bureaucratic changes," House Homeland Security Committee Chairman Bennie Thompson, D-Miss., said in a statement. "This bill will make our Nation more secure and better positions DHS - the 'focal point for the security of cyberspace' - to fulfill its critical homeland security mission."
Besides Thompson, thee chairs of two of the panel's subcommittees - Reps. Jane Harman, D-Calif., and Yvette Clarke, D-N.Y. - also sponsored the bill. The timing of the bill's introduction occurs weeks before Republicans take control of the House, and all three sponsors will lose their chairmanships - and influence over the cybersecurity agenda in Congress - when they become part of the chamber's minority party.