
Congress to industry: 'We need your help'

By William Jackson

SAN FRANCISCO—Making national cybersecurity policy is an always difficult and often thankless task, the director of a House subcommittee told an audience Wednesday at the RSA Security conference.

“One of the things that make cybersecurity difficult is that there are a lot of mixed messages out there,” said Jacob Olcott of the House Homeland Security Subcommittee on Emerging Threats, Cyber Security, and Science and Technology. Some see the threat of cyberterrorism as a reality, and others think dire pronouncements are overblown. “There is a lot of disagreement about what, exactly, we’re dealing with.”

And there is a confusing amount of overlap in congressional oversight of the subject, Olcott said. Who is in charge of cybersecurity? “Everybody and nobody.”

Committee jurisdictions are spelled out by House rules issued for every Congress, but the rules do not specifically mention cybersecurity. Vying for authority — in addition to the Homeland Security Committee — are the Government Reform Committee, which wrote and is rewriting the Federal Information Security Management Act; the Intelligence and Armed Forces committees; the Energy and Commerce Committee; and the Judiciary Committee, which is considering cybercrime legislation. And, Olcott said, “every other committee in the House that oversees an agency would probably claim jurisdiction over that agency’s network.”

Conflicting priorities and approaches can make it difficult to get anything done.

“Writing and passing legislation is never as easy as ‘School House Rock’ would make it appear,” Olcott said.

Olcott’s subcommittee has taken an aggressive stance on cybersecurity, holding a series of hearings on the subject and investigating the penetration of a number of government networks from which information appears to be funneled to Chinese-language servers. The result has been a heightened awareness of network security issues within government and efforts to hold agency chief information officers and chief information security officers accountable for breaches. One result has been a requirement in a DHS Transportation Security Agency network procurement that the security operations center be operated separately from the network, giving a greater degree of independence.


