Proposed Cybersecurity Bill Creates Security Czar

Two senators introduced cybersecurity legislation Wednesday that proposed widespread changes to the governing policies that oversee and protect the U.S. computer network infrastructure, including the appointment of a cybersecurity czar.

The legislation, developed by Senate Commerce Committee Chairman John Rockefeller IV, D-W.Va., and Sen. Olympia Snowe, R-Maine, is packaged in two separate bills proposing to overhaul the cybersecurity process. Specifically, the bill attempts to raise awareness of cybersecurity in the federal government; put cybersecurity issues in the public eye; cultivate the relationship between government and the private sector in regards to cybersecurity; and foster cybersecurity innovation for development of long-term solutions to combat growing threats.

The proposed cybersecurity bill comes in the midst of a comprehensive review of federal regulation on cybersecurity infrastructure and issues, scheduled for completion next month. It also follows shortly after the resignation of Rod Beckstrom from his position as director of Homeland Security's National Cybersecurity Center.

One of the most significant components of the pending bill is the appointment of a national cybersecurity adviser, who would oversee all cybersecurity functions within a newly created office under the direct jurisdiction of the White House and possess broad powers across all IT systems, including the authority to disconnect a federal or critical infrastructure network from the Internet if it was believed susceptible to a cyberattack.

In addition, the adviser, reporting directly to the president, would also develop a comprehensive national cybersecurity strategy, coordinate cybersecurity efforts with the intelligence community and other agencies, and conduct threat assessments of both public and private systems.

Meanwhile the bill also aims to form more alliances between the government and the private sector on cybersecurity issues. Among other things, the bill proposes to create a public-private clearinghouse that would manage and share information on cyber threats and vulnerabilities between federal government and private sector.

Other provisions of the bill would expand innovation of new and sophisticated security solutions, which include increasing federal cybersecurity research and development at the National Science Foundation, determining specific dollar figures for cybersecurity risks, and creating cybersecurity competitions to attract and recruit talent to the field, to combat the growing wave of security threats.

Security experts say that several high-profile security incidents, such as the Heartland Payment Systems data breach affecting 100 million credit- and debit-card accounts, as well as the Conficker worm, have recently brought about public awareness.

"With the Heartland data breach, everything has come to the surface. A lot of these companies were being hacked before but no one found out," said Mandeep Khera, chief marketing officer for security company Cenzic. "Now that the news is getting out, the alarm bells were raised for all these senators and congressmen."

Consequently, Khera said that he and many in the security community laud the proposed bill as something that is necessary to protect the nation's computer systems from both foreign and domestic threats.

"To me, it's no different than a war. In this war, we haven't done anything to protect ourselves. We haven't put the right guards in front,"Khera said. "If you think of a physical war, we never would let this happen."