Go Back   SZONE.US Forums > Current Events > News > The Heritage Foundation

The Heritage Foundation Since its founding in 1973, The Heritage Foundation has served as a research and educational institute -- a think tank -- whose mission is to formulate and promote conservative public policies based on the principles of free enterprise, limited government, individual freedom, traditional American values, and a strong national defense

The Heritage Foundation

New Cyber Bill Strikes Better Balance in Keeping Agencies Accountable

Thread Tools Search this Thread Rate Thread
Unread 10.30.17, 12:59 PM
@Heritage @Heritage is offline
Join Date: 06.09
Posts: 37,071
New Cyber Bill Strikes Better Balance in Keeping Agencies Accountable

On 10.30.17 07:58 AM posted by Paul Rosenzweig

In an era marked by high-profile cyberattacks and hacks, U.S. government agencies need to be held accountable for implementing adequate security standards to better mitigate those risks.

In May, President Donald Trump issued an executive order requiring federal agencies to assess their own cybersecurity, an assessment that is then reviewed by the Department of Homeland Security and the Office of Management and Budget.

In February, the House Science, Space, and Technology Committee proposed supplemental legislation, the Cybersecurity Framework, Assessment, and Auditing Act.

The initial draft of the bill tasked the National Institute of Standards and Technology with auditing the cybersecurity measures of government agencies. We criticized the proposal because that task is traditionally reserved for the Government Accountability Office or the inspector general of each agency.

In 2014, the institute created a cybersecurity framework compiling a list of best practices from existing industry standards. Today, the framework is the leading tool for assessing cybersecurity.

While there is little disagreement that the National Institute of Standards and Technology did a good job in compiling cybersecurity practices and tools to measure preparedness, the institute is not equipped to audit compliance with those practices, and requiring it to do so would erode the institute’s standing as a neutral arbiter.

For that reason, we were concerned that the proposal might make stakeholders less likely to share information with the institute, since that information might then be used in an audit from the institute.

After taking into consideration feedback from the public and undergoing a review, the House committee made amendments to the bill that addressed these concerns.

Under the updated proposal, which will be brought to the House floor, the National Institute of Standards and Technology would be tasked with working with the inspectors general to perform yearly evaluations. The institute will be responsible for providing an initial assessment of preparedness, providing technical assistance, and making recommendations to improve security.

The Council of the Inspectors General, the organization that oversees inspectors general, in turn would be responsible for providing training and evaluating effectiveness.

This new division of labor is an improvement, as it makes better use of the unique strengths of the National Institute of Standards and Technology and the inspectors general.

The post New Cyber Bill Strikes Better Balance in Keeping Agencies Accountable appeared first on The Daily Signal.

Reply With Quote

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Rate This Thread
Rate This Thread:

All times are GMT -8. The time now is 05:09 PM.

Powered by vBulletin® Version 3.8.5
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright 2007 - 20017 SZONE.US All rights reserved