US Congress Steps Up Cybersecurity Measures

MOSCOW, December 12 (Sputnik) — US Congress stepped up its legislative effort to develop the nation’s cybersecurity, affected by recent expressions of concern from experts and the highly-publicized hack of Sony Pictures. Congress unanimously adopted two bills, effectively outlining the degree of governmental involvement allowed in online regulation.

The US House of Representatives passed the National Cybersecurity Protection Act of 2014 (S. 2519) today, a bipartisan initiative approved by Senate earlier this week, along with a similar Senate-proposed amendment to the Cybersecurity Workforce Assessment Act (HR 2952). Legislators claim these measures will ensure improved governmental regulation of US communications with regard to the global cyberspace.

The National Cybersecurity Protection Act of 2014 (NCPA) is an updated version of the Senate Committee of Homeland Security, outlining the functions of the Department of Homeland Security (DHS) cyber center.

The NCPA is 17-pages long. The bill does not include most of the previously proposed controversial norms on information sharing; however, it obliges the DHS to submit proposals on measures to facilitate information sharing between the private sector and critical infrastructure within six months of the bill’s enactment. The DHS must also lay out the emergency cyber-attack response plan. The DHS cyber center must also serve as a federal-civilian information-sharing interface on cybersecurity issues and work to provide timely responses to emerging cyber-attacks.

"The cyber bills passed this week are a historic moment in the fight against cyber-attacks," Rep. Michael McCaul (R-TX), head of the House Committee on Homeland Security, said, noting that objects of critically important infrastructure, like power plants and water systems, must be protected from international hacks, and undertaken by public and private actors, like nation-states and corporations.

The second bill passed today, the Federal Information Security Modernization Act of 2014 (S. 2521, or FISMA) is a bare update to the previously existing norms of law, providing clearer instructions on governmental IT management, as well as federal regulation in case of data breaches. The duties in ensuring the security of the ‘.gov’ domain have been more clearly redistributed between the federal agencies.

“This bill will modernize our outdated federal network security laws, provide the tools and authorities needed to improve security at our federal agencies, and increase transparency and accountability for data breaches at federal agencies,” said Sen. Tom Carper, head of the Senate Committee on Homeland Security and Governmental Affairs.

The recent legislative activity in the sphere of cybersecurity also provides changes to the recruitment and management processes of IT security specialists  by allowing federal agencies to hire cybersecurity professionals for their needs.