U.S. Senate bill would expand Homeland Security’s cybersecurity authority

By Erin Ayers on July 24, 2015

Seal_of_the_United_States_Senate200x200A new U.S. Senate bill seeks to develop the Department of Homeland Security into the first line of defense to protect civilian information contained on federal networks in response to the cyber attacks on the Office of Personnel Management.

U.S Sens. Kelly Ayotte (R-NH), Susan Collins (R-ME), Mark Warner (D-VA), Dan Coats (R-IN), Barbara Mikulski (D-MD), and Claire McCaskill (D-MO) introduced the measure adding that DHS must have the authority to formally protect websites on the .gov domain. They sounded an alarm over the sensitive personal information contained throughout the government system, including Social Security numbers, home addresses, dates of birth, and for some federal employees and former employees and contractors, background information for security clearance.

“The recent security breaches of sensitive government databases pose a serious risk not only to the personal information of those affected, but also to our national security,” said Sen. Ayotte. “There is currently a disconnect in our federal cybersecurity system when it comes to the responsibility, capability, and authority to protect federal agency networks, resulting in serious security vulnerabilities. The reforms in our legislation are major steps in the right direction, allowing the Department of Homeland Security a more direct role and responsibility to guard sensitive data housed in multiple places.”

Called the Federal Information Security Management Reform Act of 2015 (FISMA Reform), the legislation would provide DHS with the authority to monitor and prevent intrusions into any federal agency sites and conduct risk assessments of all networks in the government domain. DHS would then be able to use “defensive countermeasures” on the networks upon detection of a cyber threat.

“The announcement that OPM’s data breaches compromised the personal data of at least 22 million federal employees, retirees, contractors, and their families is as outrageous and unacceptable as it is devastating,” said Sen. Mikulski. “It’s also a reminder that we are in a new kind of war – a cyber-war – against those who would attack and steal from our government and our people. We must act immediately, not only to ensure that the federal government gives the best protection possible to every American whose personal data could be compromised, but also to make sure the Department of Homeland Security has the tools and resources it needs to keep our cyber shields up and working.”

“The recent cyber attack at OPM affected a staggering number of Americans and exposed a tremendous vulnerability with the status quo in the defense of federal civilian networks. Like millions of Americans, I received a letter that my personal data had been compromised,” said Sen. Collins. “This attack was a stark reminder that our adversaries are increasingly turning to the cyber realm and we must make certain that the Department of Homeland Security is empowered to deploy effective tools in the .gov domain to ensure that government agencies are properly protected. This bipartisan legislation is crucial to securing our government systems and helping to prevent future, potentially devastating cyber attacks against our nation.”

erin.ayers@zywave.com'

Erin is the managing editor of Advisen’s Front Page News. She has been covering property-casualty insurance since 2000. Previously, Erin served as editor-in-chief of The Standard, New England’s Insurance Weekly. Erin is based in Boston, Mass. Contact Erin at [email protected].