The cyber bills signed into law Thursday by President Obama are “a historic step in bolstering our national security,” said Senate Homeland Security and Governmental Affairs Committee Chairman Tom Carper (D-Del.).
Congress passed four cyber bills out the Homeland Security committees during a lame-duck flourish of cyber activity. Collectively the bills codified cybersecurity roles at various agencies and bolstered the government’s ability to hire and train a cyber workforce.
{mosads}While many saw the moves as peripheral, lawmakers insisted they are necessary first steps toward defending the nation’s critical infrastructure against cyberattacks.
“With these bills we have laid the foundation for the fight against cyberattacks,” said House Homeland Security Committee Chairman Michael McCaul (R-Texas).
The bills officially authorize an existing cyber information hub at the Department of Homeland Security (DHS). The hub — known as the NCCIC or National Cybersecurity and Communications Integration Center — is a repository for cyber threat information from various government agencies and private sector partners.
Codifying NCCIC’s authority “will require DHS to improve its programs for assisting the private sector and sets the stage for future legislation to provide liability protection for sharing cyber threat information,” said Senate Homeland Security Committee Ranking Member Tom Coburn (R-Okla.).
Industry groups and many lawmakers have pushed for a bill to give legal protections to companies sharing cyber information with the government.
The bills will also boost the DHS oversight of federal agencies in the instance of a data breach, a move that will “ensure that agencies are accountable to Congress and the public for data breaches,” Coburn said.
Agencies from the White House on down to the United States Postal Service all experienced breaches in 2014.
“This legislation is the first significant cyber legislation in a decade and among the most important legislation that has been passed this Congress,” said Rep. Patrick Meehan (R-Pa.), chair of the House subcommittee on cybersecurity.