Consider President Obama's signing of the Federal Information Security Modernization Act this month an early birthday present for Sen. Tom Carper, the chief sponsor of the legislation that updates FISMA, the law that governs federal IT security.
Reforming the Federal Information Security Management Act is a crowning achievement for Carper as chairman of the Senate Homeland Security and Governmental Affairs Committee. Carper, who turns 68 on Jan. 23, is being forced to relinquish that post next week as Republicans take control of the upper chamber in January.
Getting any piece of legislation enacted isn't easy, especially in the 113th Congress, when lawmakers passed 297 new laws, one of the least productive Congresses in history. As a comparison, the last time the GOP controlled both houses of Congress and a Democrat (Bill Clinton) was president - the 106th Congress - lawmakers enacted 604 laws. In the last two years of Republican George W. Bush's presidency, the 110th Congress (2007-2008), with Democratic majorities in both houses, legislators passed 460 laws.
Persistent Campaign to Reform FISMA
Carper's been energetically working on FISMA reform since the 110th Congress, when Democrats seized control of Congress from the Republicans. In 2009, as chairman of the Homeland Security and Government Affairs subcommittee with IT security oversight, Carper introduced a bill to update FISMA.
At about the same time in 2009, Information Security Media Group launched GovInfoSecurity, and as founding editor, I reached out to Carper to be one of our first podcast interviewees. Carper and I have known each other for 38 years; I covered him as a reporter for a Delaware daily newspaper when he served as the elected state treasurer (voters later elected him as their U.S. representative and governor). Carper has a keen memory; I remember walking on a pedestrian mall in Wilmington, Del., years after I left Delaware for another job, when then-U.S. Rep. Carper, seeing me in the distance shouted, "Hey, Eric!"
Carper's memory didn't fade, and he remembered me decades later when I reached out to him in 2009. Because it was a new website, few people knew of GovInfoSecurity. Having Carper as an interview subject helped persuade other lawmakers and leading government IT security policymakers and practitioners to talk with us. Our coverage of FISMA over the years - starting with the Carper interview - went hand-in-hand with the development of GovInfoSecurity as a key source of government IT security news.
In that 2009 interview, Carper expressed confidence that FISMA reform would soon become law, with the president signing it on the legislator's birthday in a Rose Garden ceremony.
Sen. Tom Carper makes prediction on FISMA reform in 2009.
The birthday he was referring would have been his 63rd, and over the years I teased the senator about his prediction. Carper finally received the FISMA reform present from Obama, but without the pomp and circumstance of a Rose Garden ceremony. In the privacy of his White House office on Dec. 18, Obama signed the FISMA reform law along with 47 other bills, including four other cybersecurity-related measures (see Obama Signs 5 Cybersecurity Bills).
Enactment of FISMA reform doesn't mean Carper's done with cybersecurity lawmaking and congressional oversight. As ranking minority member of the Senate committee in the next Congress, he says cybersecurity will remain one of his legislative priorities. "The threat is too great and continues to grow," Carper says, as sort of a thank you note on FISMA reform's enactment. "Cybersecurity remains a top priority for me in the 114th Congress, and I will continue to work with my colleagues on both sides of the aisle on additional measures to enhance our nation's cybersecurity efforts."
The signing of FISMA reform definitely was a well-earned, long-overdue birthday present for Carper.