Although there has been plenty of news about what Congress has not done in the waning days of 2011, you can't say that there hasn't been a focus on cybersecurity. There has been a flurry of activity on Capitol Hill and within federal agencies to develop some sort of cybersecurity plan.
Late last week, legislation was approved by the House Homeland Security Committee to set up an organization to oversee the exchange of cybersecurity information. The bill is named the Promoting and Enhancing Cybersecurity and Information Sharing Effectiveness Act (PrECISE Act).
In a political landscape where no one seems to agree, cybersecurity issues seem to gather non-partisan support. The PrECISE Act is Republican-led legislation. On the other end of Pennsylvania Avenue and the other side of the political aisle, Howard Schmidt, the White House cyber coordinator, introduced a new strategy for cybersecurity research and development. Right now, government agencies spend $1 billion a year on non-classified cyber R&D, but there was no real government coordination of those projects. In an interview with Federal News Radio, Schmidt said the purpose of the plan is to better coordinate efforts to neutralize cyber attacks while saving money. According to the Federal News Radio article, the strategy calls for an R&D focus around four specific areas. They are:
These tidbits of news are also coupled with the Department of Homeland Security's efforts to create a cybersecurity blueprint, as well as legislation that has been introduced by other members of Congress. This is all positive news for anyone who cares about cybersecurity. There are skeptics out there, not surprisingly. An opinion piece at Trend Micro's Simply Security site wonders if all the noise about cybersecurity is a real concern or just political fodder as the 2012 campaign season heats up. As the piece pointed out how different presidential candidates are talking about cybersecurity in political terms, it also stated:
But while it's true that campaign promises come and go-and others seemingly go unresolved for decades-it would appear that cybersecurity is more than just pundit fodder. Internet security has become a serious problem for some of the most recognizable corporations in the world. And the rise of attacks on government institutions through either hacking incidents or malware doesn't appear to be slowing down any time soon.
It's an interesting argument overall, and I would have to agree that this focus on cybersecurity seems to be more than just to score political points. I think the American populace is more concerned with the economy and ending the wars than they are about the government's role in cybersecurity. If politicians are talking about it, they must understand the importance of government's role in protecting the cyber infrastructure.