Congress

Speaking at the RSA cybersecurity conference, congressional staff said lawmakers are considering legislative ways to help federal agancies, such as DHS’s Cybersecurity and Infrastructure Security Agency, recruit cyber workers. The Senate Committee on Homeland Security and Government Affairs is focused on trying “to see what are the barriers to people entering the federal space, in […]

General Stephen Lyons, the head of U.S. Transportation Command, told the Senate Armed Services Committee that their commercial suppliers were defenseless against persistent cyber threats, despite an increase in overall compliance. He said they have worked for several years to bring contractors up to a “basic level of cyber hygiene” and inform company executives of […]

Cybersecurity is a big challenge for the federal government because of the way it encompasses technology, foreign policy, national security, and crime. Carrie Cordero argues that congressional oversight of federal cybersecurity is too much of a patchwork and ought to be consolidated. Cordero is an attorney with long experience in the national security end of […]

Senator Kirsten Gillibrand (D-NY) has introduced legislation that would create a new federal agency dedicated to data protection and digital privacy. The Data Protection...

In a recent hearing, the Senate Homeland Security and Governmental Affairs Committee examined how state, local, tribal, and territorial governments, and critical infrastructure owners and operators can mitigate and protect against persistent cybersecurity threats. The hearing also highlighted the current threat environment, including ransomware attacks and threats from state actors such as Iran. In his […]

The Data Protection Act introduced by Senator Kirsten Gillibrand (D-NY) would create a consumer watchdog to: Give Americans control and protection of their data. The DPA would have the authority and resources to effectively enforce data protection rules, and would be equipped with a broad range of enforcement tools, including civil penalties, injunctive relief, and […]

Cybersecurity and Infrastructure Security Agency director Christopher Krebs told the Senate Homeland Security and Governmental Affairs Committee that the agency can use an automated approach to identifying and plugging vulnerabilities in the internet, but hits a roadblock when they find exploitable weaknesses, because the only information they have about the owner is their computer or […]

The GSA’s Federal Risk Authorization Modernization Program is one step closer to formal legislative codification, as the House of Representatives voted unanimously to pass the FedRAMP Authorization Act. The bill ensures that the FedRAMP program, originally established in 2011 by an OMB memo, would have a more permanent role, in addition to adding more concrete […]

The House Homeland Security Committee has advanced the CISA Director Reform Act, which was introduced by Representative John Katko (R-NY) and is intended to improve operations and efficiency at the Cybersecurity Infrastructure Security Agency, by setting the term of the Director at five years. Currently, the appointment is of indeterminate duration, and Katko says that […]

The House Homeland Security Committee has approved two bills reflecting confidence that the Cybersecurity and Infrastructure Security Agency would perform its cybersecurity functions while protecting privacy, and a need to shield the agency’s chief from the potential whims of changing political administrations and the lure of the private sector. The Cybersecurity Vulnerability Identification and Notification […]