Combating cyber threats is a shared responsibility that requires broad engagement – from government and law enforcement to the private sector and most importantly, members of the public. No country, industry, community or individual is immune to cyber risks. DHS plays a key role in this effort, both in protecting federal networks and assisting owners and operators of critical infrastructure to secure their networks through risk assessment, mitigation, and incident response capabilities.
Over the past several weeks, we have discussed the Administration’s cybersecurity legislative proposal and how the recently introduced bill by Senators Lieberman, Collins, Rockefeller and Feinstein would provide the comprehensive tools we need to effectively address the full range of cyber threats facing our nation, while preserving privacy and civil liberties and respecting freedom, openness, and innovation.
This week, I participated in a cyber demonstration for senators hosted by Majority Leader Harry Reid to show how the federal government would respond to a major cyber incident and how legislative reform would enhance that response. Together with leaders from across the federal government, I discussed how a cyber attack on America’s critical infrastructure could have broad impacts by disrupting key resources, resulting in billions of dollars in economic loss and even potential loss of life.
This Administration believes in the innovation and expertise of the private sector. We will work with critical infrastructure owners and operators to ensure the adoption of cybersecurity practices and technologies that work best on their networks in order to achieve a baseline level of cybersecurity. As part of this proposed legislation, DHS will conduct targeted risk assessments in consultation with the private sector and others to determine which systems and assets are subject to the greatest and most immediate cyber threats. We will collaboratively define cybersecurity performance requirements for these national security, economically critical, or life-sustaining services.
This week’s cyber demonstration also illustrated how a stronger legal framework paired with stiffer penalties for cyber crimes and the removal of legal barriers to sharing information will protect the American public and the American economy.
All sides agree that federal and private networks must be better protected, and that information should be shared more easily, yet still securely. Both the Administration’s proposal and the Cybersecurity Act of 2012 (S. 2105) would provide DHS with clear statutory authority commensurate with our cybersecurity responsibilities, while removing legal barriers to the sharing of information. As the Secretary of Homeland Security, I strongly support S. 2105 because it addresses the need, the urgency, and the methodology for protecting our nation’s critical infrastructure.
The time to act is now: we must improve cybersecurity coordination, strengthen our cybersecurity posture, and secure all elements of our economy against this serious and growing threat, while protecting privacy, confidentiality, and civil liberties. We look forward to continuing our engagement with Congress in the days ahead to reach agreement on a bill that will move the Nation forward.
Read about how the Cybersecurity Act of 2012 would enhance protections for the American public, advance government network security, and enhance protection of critical infrastructure.