Don't Ask..Don't Yell

Monday, June 07, 2010

Ron Baklarz

91648658a3e987ddb81913b06dbdc57a
In case you have not been following the current slew of cyber security-related legislation that has been penned during the 111th Congress, there are currently 35 different laws in various stages of the legislative process.  Melissa Hathaway, former White House cyber security advisor, has recently released a study of these legislations available at: http://belfercenter.ksg.harvard.edu/files/legislative-landscape-publish-final.pdf  In her analysis document, she details nine (9) of these some 35 pieces of legislation as the "one's to watch."  

On Friday, May 28, 2010, the House approved the National Defense Authorization Act, which includes an amendment that is an amalgamation of the Federal Information Security Amendments Act of 2010, HR 4900 (which was approved last week by the House Oversight and Government Committee), and the Executive Cyberspace Authorities Act, HR 5247.  The amendment includes a number of cyber security-related items such as:

- Creating a National Office for Cyberspace within the White House headed by a Senate-approved director, to coordinate and oversee the security of agency information systems and infrastructure. This office will have strong budgetary oversight powers that are backed by financial pay-for-performance authorities, and are accountable to Congress.

- Establishing a Federal Cyber security Practice Board within the cyberspace office to develop policies and procedures for agencies to adhere to in meeting FISMA statutory requirements and to oversee the implementation of approved standards and guidelines developed by the National Institute of Standards and Technologies.

- Requiring agencies to undertake automated and continuous monitoring of their systems to ensure compliance and identify deficiencies and potential risks. 

- Ordering agencies to obtain annual independent audits of their information security programs to determine their overall effectiveness and compliance with FISMA requirements.

It just so happens that the National Defense Authorization Act is the same bill that includes another amendment to eliminate the military's "don't ask, don't tell" policy. That controversial amendment could jeopardize the overall bill's passage due to potential resistance by senators who don't want to end don't ask, don't tell.

 

Possibly Related Articles:
3518
Enterprise Security
Government Regulation Cyber Security
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.