The chairman of the House Homeland Security Committee and a deputy DHS secretary each used a congressional oversight hearing last week to call for legislative action to protect the cybersecurity of critical infrastructure assets.
House Homeland Security Committee Chairman Michael McCaul (R-Tex.) cited legal barriers, regulatory uncertainty, a lack of resources and inadequate private sector participation as the major challenges to increasing cybersecurity across sectors. He said these weaknesses necessitate a congressional response. McCaul has previously called developing critical infrastructure cyber legislation one of his top priorities for the year, but thus far has not outlined a specific proposal.
In testimony to the committee DHS Deputy Secretary Jane Hall Lute called the Obama Administration’s recent cybersecurity executive order “an important milestone” in the effort to counter cyber attacks, but agreed that more work is needed. Lute said the executive order “does not grant new regulatory authority or establish additional incentives for participation in a voluntary program” to boost critical infrastructure security. As a result, she said, Congress should pass legislation that increases “information sharing and [promotes] the establishment and adoption of standards for critical infrastructure.”
Members of the critical infrastructure community have generally urged Congress to focus any new legislation on developing a robust information-sharing network between government and the private sector. This viewpoint was conveyed in testimony delivered at the hearing by a representative of the Financial Services ISAC.