The Public Eye with Eric Chabrow

Cybersecurity Reform and the Wow Factor

Cybersecurity Reform and the Wow Factor

It took a bit of time - the holiday weekend - before many congressional followers realized the significance of Friday's House passage of the defense authorization bill on FISMA and cybersecurity reform. That bill included a rider attached by Reps. Diane Watson, D-Calif., and James Langevin, D-R.I., that if enacted would revolutionize the way the federal government governs IT security.

Media coverage of the defense authorization bill Friday and over the weekend heavily focused on another of the bill's provisions, the one to eliminate the don't ask, don't tell policy that prohibits gays from serving openly in the military.

But the Watson-Langevin amendment was a real coup for those seeking cybersecurity reform, and the fact that it was approved as a rider should not diminish the significance of the measure to revolutionize the way the government governs IT security. Indeed, many major pieces of legislation become law as a rider to another bill, including the Federal Information Security Management Act of 2002.

"Historically, a lot of legislation effecting government statutory programs has made it through as riders to authorization bills; they rarely can get to the floor as stand alone legislation," Jim Flyzik, a former Treasury CIO and senior adviser to Tom Ridge when he headed the White House homeland security office, said in an e-mail message.

Though it's a certainty a House-Senate conference will work out differences between the two chambers' versions of defense authorization - the Senate is working on its version - there's no guarantee that the final defense authorization bill will include cybersecurity reform. But some of those who follow IT security reform closely contend the House action increases the chances of significant cybersecurity legislation becoming law this year. "The DoD authorization is one piece which always makes it through so, this increases the chances of passage," said former federal CIO Karen Evans.

What the House action does is put pressure on the Senate to act. That could come from the Senate Committee on Homeland Security and Governmental Affairs, who's chairman - Sen. Joseph Lieberman, I-Conn. - has been promising for months to introduce a comprehensive cybersecurity reform bill that would incorporate much of the language in the United States Information and Communications Act, the FISMA reform legislation introduced in April 2009 by another committee member, Sen. Thomas Carper, D.-Del. Many provisions of Carper's bill mirrors provisions in the House-passed bill.

What's hanging up the Lieberman bill? Some observers believe it's Sen. Susan Collins of Maine, the ranking Republican on the Homeland Security panel who's on record opposing the top cybersecurity official in government being housed in the White House, as called for in the Watson-Langevin amendment; she says that official should be quartered in the Department of Homeland Security. It's believed Lieberman wants Collins' name on the bill.

The House action was swift and unexpected, a "wow" as SANS Institute Research Director Alan Paller put it. Be prepared for further wows.



About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.