[updated July 20, 2011, 6:10 pm EDT] Correction: Broadbandbreakfast.com incorrectly reported that the Cybersecurity and Internet Freedom Act of 2011 does not contain a provision for a Director of the proposed Office of Cyberspace Policy.
WASHINGTON, July 20, 2011 – Despite bipartisan agreement over the need for effective cyber security legislation, members remain divided over authority and enforcement specifics.
In a letter to the Editor in the Saturday edition of the Washington Post, Rep. Jim Langevin (D-RI) critiqued another article published early July in which Sens. Joe Liebermann (ID-CT), Susan Collins (R-ME) and Tom Carper (D-DE) recommended proposed legislation that would grant the Department of Homeland Security (DHS) statutory authority to work with industry to identify and evaluate critical cyber infrastructure and establish best practices between government and the private sector in order to improve security.
“The alternative could be a digital Pearl Harbor — and another day of infamy,” stated the senators.
Rep. Langevin, however, feels avoiding a "digital Pearl Harbor" with a cyber security gold-standard might be missing the mark, Langevin spokesman Jonathon Dworkin told BroadbandBreakfast.com on Saturday.
“We are supportive of their overall efforts, but [the senators] - and the White House - continue to leave out one of the core recommendations of the CSIS Commission, which is a strong White House Director that has the necessary authority to lead and coordinate the kind of comprehensive strategy we need,” said Dworkin.
The increasing dependence upon networked systems, and the vulnerabilities of critical infrastructure systems, makes fears of a major assault by a cunning adversary with digital weaponry no longer sound like something out of the show “24.” The string of publicized cyber intrusions and data breaches against major U.S. companies and government agencies make these fears ever more real.
The lack of strong diplomatic and military components to the senators’ plan was Langevin’s main concern.
“Defense Secretary Leon Panetta has warned of threats posed by other nations and terrorist organizations,” said Langevin - who founded the Congressional Cybersecurity Caucus - in his letter.
“The senators’ plan would give primary responsibility for our nation’s cyber-strategy to the Department of Homeland Security. However, while Homeland Security is doing impressive work domestically, our international effort requires a whole-of-government approach.”
While the Lieberman, Collins and Carper’s plan advocates giving more authority to DHS, Langevin is a believer in of the creation of a new position Executive Branch position that would coordinate cyber security efforts across government.
“The bipartisan Center for Strategic and International Studies’ cybersecurity commission, which I co-chaired,” said Langevin, “emphasized the need for a White House cybersecurity director, confirmed by the Senate, who would have budgetary and policy authority across government to require that agencies apply sufficient resources to protect themselves online.”
Despite some confusion in Rep. Langevin's office as to the content of the bill, all parties seem in agreement: Section 102 of the Senate bill does, in fact, contain a provision for a White House Office of Cyberspace Policy Director, appointed by the President and confirmed by the Senate.
"Our legislation – the Cybersecurity and Internet Freedom Act - would establish an office of cyberspace policy at the White House, headed by a Senate-confirmed Director, to coordinate cyber security efforts across the federal government," said the senators through a joint release Wednesday afternoon. "The Director would ‘oversee, coordinate, and integrate all policies and activities of the federal government across all instruments of national power relating to ensuring the security and resiliency of cyberspace, including … diplomatic, economic, military, intelligence, homeland security, and law enforcement policies and activities within and among federal agencies,’ very similar to what Congressman Langevin calls for. We appreciate Congressman Langevin’s commitment to cyber security and agree with him that it is imperative Congress pass comprehensive cyber security legislation."
Langevin, announced the establishment of the Rhode Island Cyber Disruption Team last Monday, and was in attendance during the Pentagon’s cyber strategy announcement on Thursday.
[July 20, 2011, 6:37 pm EDT] Update: Jonathon Dworkin, Communications Director for Rep. Langevin issued a statement concerning his previous correspondence in regards to the Senate bill: "My email was misleading because the Senators' bill, unlike the White House proposal, does have a Senate-confirmed White House position. While there are differences in our respective proposals, we continue to be supportive of what [the Senators] are doing and look forward to continuing to work together to most effectively strengthen our cybersecurity."