The House passed four cybersecurity bills last week but officials are concerned that the legislation is not putting enough emphasis on protecting the nation’s critical infrastructure, Federal News Radio reports.
Mark Weatherford, the deputy homeland security undersecretary for cybersecurity, told a cybcersecurity forum he is concerned with cyberattacks against aged industrial control systems.
Weatherford said threats to infrastructure were under the radar for a while but that is no longer the case.
Both Weatherford and DHS want cyber legislation to include provisions to allow companies to share threat-related information.
The House passed a cybersecurity information sharing bill last week, the Cyber Intelligence Sharing and Protection Act, that may meet DHS’ request.
DHS also wants codification of authorities and responsibilities for securing federal agencies’ and private companies’ systems.
Weatherford said authorizations allowing DHS to complete these duties are not updated, adding that DHS wants to adopt industry-led cyber standards for critical infrastructure.
Defense Department officials also indicated they wanted Congress to move forward with cyber legislation, particularly rulings that relate to information sharing.
Army Lt. Gen. Michael Flynn, assistant director of national intelligence for partner engagement and Defense Intelligence Agency director nominee, said partnerships are important to the Pentagon.
Since the government’s cyber forces are unable to share insight, the private sector has to pay more for security and information assurance, which Flynn said raises the cost for everything.
The White House threatened to veto the CIPSA bill based on privacy concerns and its neglect to giving DHS a stronger role in regulating infrastructure protection.
Rep. Jim Langevin (D-R.I.), who voted for the bill, indicated he was also concerned with privacy issues in CISPA as well as critical infrastructure components, according to the report.
Langevin said he hopes the bill comes back up because it does not yet appropriately address securing critical infrastructure.
However, he added that the bills are a point of progress.