FEBRUARY 15, 2012


A bill introduced by leading U.S. senators yesterday requires the owners and operators of our nation’s critical computer networks to safeguard against hackers.

Essentially, under this bill, the Department of Homeland Security would have the power to identify systems that may cause mass casualties or catastrophic economic damage when attacked. Those identified as a “Covered Critical Infrastructure” would be required to prove or improve security according to the set regulations of the sector-specific agency. Companies would have to show that their networks are secure or face penalties.

The bill calls for identifying vital information networks and setting security requirements for companies and government agencies. Lawmakers and regulators say rules are needed to fight increasingly sophisticated cyber attacks capable of disrupting power grids, banks and communications networks.
Read more . . .

By Chris Strohm, Bloomberg

This bill, called the ‘‘Cybersecurity Act of 2012’’, is a combination of cybersecurity bills introduced during the past three years. One provision not included is the Internet “kill switch” language that caused so much controversy in the past, but there is still a lot of backlash toward this bill because of the burdening cost that it is expected to create on companies. The Homeland Security and Government Affairs Committee, chaired by Joe Lieberman (I-CT), has scheduled a hearing on the ‘Cybersecurity Act of 2012’ on February 16, but surely the debate over this bill will continue so that other committees have a chance to take up the issue.

Whatever the outcome, the bill will include companies taking more responsibility for securing their own networks. This means scheduling the needed security services to maintain a secure environment that thwarts off hackers and ensures your computer networks are not vulnerable.

Posted by Mike Fitzpatrick, CRISC, CEO, NCX Group