U.S. flag

An official website of the United States government

Government Website

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Safely connect using HTTPS

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.


  1. Home
  2. About Us
  3. Site Links
  4. Archived
  5. News Archive
  6. Cybersecurity Legislation Would Enhance Protection of Critical Infrastructure

Archived Content

In an effort to keep DHS.gov current, the archive contains outdated information that may not reflect current policy or programs.

Cybersecurity Legislation Would Enhance Protection of Critical Infrastructure

Posted by Mark Weatherford, Deputy Undersecretary for Cybersecurity

Last week, I discussed the recently-introduced Cybersecurity Act of 2012 and the aspects of the legislation that would enhance the protection of the federal executive branch networks and help keep the American public safe from theft, fraud, and loss of personal and financial data. Today I’d like to discuss how the legislation would improve the security and resiliency of the nation’s critical infrastructure -- from banking and financial systems, to power plants and electric grids, to transportation and shipping hubs.

DHS leads the nation’s critical infrastructure protection and cybersecurity efforts, but the federal government cannot do it alone. The vast majority of critical infrastructure is owned and operated by the private sector, and the landscape is constantly changing as new and more sophisticated threats emerge. DHS is focused on building and strengthening partnerships across all levels of government and with the private sector in order to improve information sharing, support cyber incident response, and make cyberspace fundamentally safer and more secure.

The Cybersecurity Act of 2012 clarifies DHS’ authority to provide assistance to industry and state, local, tribal and territorial governments and establishes a risk mitigation framework to ensure that companies providing the Nation’s most essential services are instituting a baseline level of cybersecurity. This proposal would leverage the expertise of the private sector requiring the Nation’s most critical infrastructure adopt the cybersecurity practices and technologies that work best on their networks.

It also removes barriers to sharing cybersecurity information between industry and the federal government by providing immunity from other laws for the purpose of sharing such cybersecurity information with DHS. At the same time, the legislation mandates robust privacy oversight, including criminal penalties for misuse, to ensure that voluntarily shared information does not impinge on individual privacy and civil liberties.

The Cybersecurity Act of 2012 aligns closely with the Administration’s cybersecurity legislative proposal, and will allow DHS and our partners to continue to work together to secure cyberspace, protect our nation’s critical infrastructures, and advance our economic and security interests.

Last Updated: 09/20/2018
Was this page helpful?
This page was not helpful because the content