Major Policy Developments for the 114th Congress: CYBERSECURITY


The increasing and nearly daily occurrences of cybersecurity attacks against both public and private sector entities that service the every- day lives of Americans  continues to raise the importance of addressing cybersecurity issues head on. Members of Congress feel a level of frustration about the lack of movement on legislation as they seek to balance security with privacy. Members of the House and Senate continue to work together to seek
ways to pass cybersecurity bills in the lame duck session. Member retirements in key leadership  roles, such as with Chairman Rockefeller in the Senate and Chairman Rogers in the House, could spur action, as  they face a crowded calendar of “must- do” bills. Given the odds against anything being approved  this year, anticipate that enactment of cybersecurity legislation will again be a top issue for  the 114th Congress. Also expect continued executive action by the President as a means to move the ball forward on this issue while the Congress continues to work through the process. With few  exceptions, the key congressional players engaged in cybersecurity– related initiatives in the last Congress will remain the same and will provide some continuity for the public and private sector participants who have been closely following the process.

Efforts focused on increased cyber information sharing and associated liability protections will continue in both chambers, with the expectation that leading Members in both the House and Senate will again introduce bills in the various committees. With a new chairman at the helm of the House Permanent Select Committee on Intelligence, the approach pursued by the leadership of the  committee may vary given private sector privacy concerns and continued White House opposition to  the proposed Cyber Intelligence Sharing and Protection Act (CISPA). The Senate has moved forward
with information sharing legislation in a bipartisan fashion in the past. Anticipate that approach will continue.

Anticipate introduction of bills in the 114th Congress similar to those we have seen in the past, such as those focusing on the need to strengthen the capabilities of the U.S. Department of Homeland Security (DHS) in the area of cyber—maintaining a  civilian agency as a partner to the private sector. Others will include a focus on codifying the
mandate of: the National Cybersecurity and Communications Integration Center (NCCIC), strengthening the hiring abilities of DHS to build and maintaining a cybersecurity workforce, increasing investments in cybersecurity research and development, and updating the Federal Information Security Modernization Act (FISMA).

The annual appropriations bills will also continue to be a vehicle for moving cybersecurity-related provisions, including language that restricts purchases from specifically targeted Chinese entities based on supply chain security issues that were included in the House’s FY 2015 Commerce-Justice-Science appropriations bill.

At the end of the day, it is clear that the Obama Administration will continue to use its executive authority to address cybersecurity concerns and will remain actively  engaged in the implementation of the February 2013 Cybersecurity Executive Order (EO) 13636 and  Presidential Policy Directive (PPD-21). The release of the Cybersecurity Framework in 2014, almost exactly a year from the issuance of EO 13636, and the recently issued EO on data security, signals  that other EOs may be in the works and should be closely watched.

Since the issuance of EO 13636, almost every department and independent agency has taken an active role on cybersecurity issues in the last nearly two years as  concerns grow over the impact of cybersecurity attacks on the sixteen Critical Infrastructure (CI)
sectors defi in the EO. The Securities and Exchange Commission (SEC), for example, has begun  spot checks of companies to ensure adequate fillings on cyber risk. The Federal Trade Commission (FTC) has filed 53 lawsuits against hotels and retailers using its consumer protection authorities, and is seeking greater enforcement and rulemaking powers  from Congress. The Federal Communications Commission (FCC) has begun eff to look at ways to  address the lack of existing cybersecurity regulations on the communications sector. It is safe to  say that there will be an increasingly activist oversight role by every one of these agencies in  the last two years of the Obama Administration.

On the international front, concerns in a post-Snowden world have tied together the bilateral and multilateral negotiations on cybersecurity and privacy. The European  Union is working on its own cybersecurity regime under the Network and Information Systems (NIS)  Cybersecurity Directive along with the European Program for Critical Infrastructure Protection. The North Atlantic Treaty Organization (NATO) recently issued a statement about rules  of engagement on a cyber-attack. The Russian and Chinese governments recently reaffirmed the principle of national sovereignty in cyberspace. Expect more discussion in the international  realm on cybersecurity and privacy issues as governments focus more attention on the balance needed between security and
privacy protections.


Published by

Martin Milita

Martin Milita is a Senior Director at Duane Morris Government Strategies, LLC. Duane Morris Government Strategies (DMGS) supports the growth of organizations, companies, communities and economies through a suite of government and business consulting services. The firm offers a range of government relations and public affairs services, including lobbying, grant writing; development finance consulting, media relations management, grassroots campaigning and community outreach. Milita works at the firm’s Trenton and Newark New Jersey offices. Visit his blog at: Follow him on twitter: @MartinMilita1 BLOGROLL Martin Milita – Martin Milita :: Pinterest Martin Milita @ Twitter Martin Milita at Slideshare Martin Milita on Google+ Martin Milita Yola Site Martin Milita | Xing

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s