US flag signifying that this is a United States Federal Government website   Official website of the Department of Homeland Security

U.S. Flag and Keyboard

Cybersecurity Legislation Would Enhance Protection of Critical Infrastructure

Posted by Mark Weatherford, Deputy Undersecretary for Cybersecurity

Last week, I discussed the recently-introduced Cybersecurity Act of 2012 and the aspects of the legislation that would enhance the protection of the federal executive branch networks and help keep the American public safe from theft, fraud, and loss of personal and financial data. Today I’d like to discuss how the legislation would improve the security and resiliency of the nation’s critical infrastructure -- from banking and financial systems, to power plants and electric grids, to transportation and shipping hubs.

DHS leads the nation’s critical infrastructure protection and cybersecurity efforts, but the federal government cannot do it alone. The vast majority of critical infrastructure is owned and operated by the private sector, and the landscape is constantly changing as new and more sophisticated threats emerge. DHS is focused on building and strengthening partnerships across all levels of government and with the private sector in order to improve information sharing, support cyber incident response, and make cyberspace fundamentally safer and more secure.

The Cybersecurity Act of 2012 clarifies DHS’ authority to provide assistance to industry and state, local, tribal and territorial governments and establishes a risk mitigation framework to ensure that companies providing the Nation’s most essential services are instituting a baseline level of cybersecurity. This proposal would leverage the expertise of the private sector requiring the Nation’s most critical infrastructure adopt the cybersecurity practices and technologies that work best on their networks.

It also removes barriers to sharing cybersecurity information between industry and the federal government by providing immunity from other laws for the purpose of sharing such cybersecurity information with DHS. At the same time, the legislation mandates robust privacy oversight, including criminal penalties for misuse, to ensure that voluntarily shared information does not impinge on individual privacy and civil liberties.

The Cybersecurity Act of 2012 aligns closely with the Administration’s cybersecurity legislative proposal, and will allow DHS and our partners to continue to work together to secure cyberspace, protect our nation’s critical infrastructures, and advance our economic and security interests.

Published by the U.S. Department of Homeland Security, Washington, D.C.
Back to Top