Speaking at AMWA’s 2013 Water Policy Conference in Washington, DC on March 19, House Homeland Security Committee Chairman Michael McCaul (R-Tex.) announced his goal of marking up a critical infrastructure cybersecurity bill this June.
In his remarks, Chairman McCaul said that he is in the process of gathering input from representatives of all 16 critical infrastructure sectors to help shape legislation that he hopes will “incentivize the sharing of information” about cyber threats between the government and private critical infrastructure sector owners and operators. McCaul pledged to not “markup or introduce a bill that harms” critical infrastructure industries by imposing “heavy-handed regulations.” This suggests that the McCaul bill will look very different from proposals backed by the White House and Senate Democrats that would create a pathway for DHS and other sector-specific agencies to regulate the cybersecurity activities of infrastructure owners and operators.
While no draft versions of McCaul’s bill are publicly circulating, he did say that he hopes the final product will include liability protections for private sector organizations that share information with the government, increase in the number of government-issued security clearances, and better integrate the Information Sharing and Analysis Centers (ISACs) and DHS’ National Cybersecurity and Communications Integration Center (NCCIC).
Additionally, McCaul said that mid-April is the target date for the House Select Committee on Intelligence to markup its own cybersecurity proposal, the “Cyber Intelligence Sharing and Protection Act” (CISPA). That bill would boost cyberthreat information sharing between network operators and the federal government, but earlier versions have run into opposition from some civil liberties organizations warning that it could cause Internet providers to hand user information over to the federal government.