[Congressional Record Volume 156, Number 90 (Wednesday, June 16, 2010)]
[Extensions of Remarks]
[Page E1123]
From the Congressional Record Online through the Government Publishing Office [www.gpo.gov]




         PROTECTING CYBERSPACE AS A NATIONAL ASSET ACT OF 2010

                                 ______
                                 

                            HON. JANE HARMAN

                             of california

                    in the house of representatives

                        Wednesday, June 16, 2010

  Ms. HARMAN. Madam Speaker, the stark image on millions of television 
screens around the world is of a broken pipe one mile underwater, 
spewing tens of thousands of gallons of oil into the ocean each day.
  This deadly and disturbing horror could be replicated should we have 
a major cyber attack--broken networks spewing tens of thousands of 
terabytes of information about critical infrastructure, national 
security, mission-critical data and personal financial records.
  Indeed, damage caused by the worst environmental disaster in U.S. 
history could pale in comparison to the chaos that could ensue after a 
major cyber attack.
  So today, Madam Speaker, I am pleased to introduce with Rep. Peter 
King the companion bill to S. 3480, The Protecting Cyberspace as a 
National Asset Act of 2010. Authored by Senators Lieberman, Collins and 
Carper, S. 3480 was the subject of a legislative hearing yesterday in 
the Senate, and is moving there on a fast track.
  In the words of former Assistant Secretary of Homeland Security for 
Policy Stewart Baker, ``we are going to have a meltdown'' if we fail to 
act to protect our cyber networks.
  Right now we are chasing the problem. We need to get ahead of it. As 
described in the report released today by the Government Accountability 
Office--we face daunting challenges in tackling this problem, 
including: a lack of sustained leadership, insufficient resources, 
authority to enforce actions in the event of an imminent cyber attack, 
the need to partner with other federal agencies and private sector 
entities and insufficient education and training.
  All of which this bill aims to correct.
  First, the bill would establish a coordinating mechanism at the White 
House--an Office of Cyberspace Policy--to develop a national strategy 
for securing and improving the resiliency of cyberspace.
  Second, it would create a National Center for Cybersecurity and 
Communications at the Department of Homeland Security to identify and 
mitigate cyber vulnerabilities. The Center would be charged with 
providing situational awareness, conducting risk-based assessments of 
threats, identifying vulnerabilities, managing external access points 
for federal networks, overseeing operations of US-CERT, and working 
with the private sector to establish security requirements to 
strengthen vital components of critical infrastructure like the 
electric grid and telecommunications networks.
  Third, the key section of the bill provides the President with 
authority--in consultation with Congress--to impose emergency security 
measures on critical infrastructure networks in the event of a 
catastrophic cyber attack. Presently, this authority is ad hoc.
  Fourth, this legislation requires development of a supply chain risk 
management strategy to address risks and threats to information 
technology products and services upon which the federal government 
relies.
  Finally, the bill requires the new Department of Homeland Security 
Cybersecurity Office to consult with the Privacy & Civil Liberties 
Oversight Board mandated in the 2004 Intelligence Reform & Terrorism 
Prevention Act. Sadly, this Administration has yet to nominate 
individuals to serve on the Board. Additionally, the Director of the 
National Center for Cybersecurity and Communications is required to 
designate a privacy officer to review activities of the Center and 
conduct privacy impact assessments to ensure information is being 
collected in a manner that protects privacy and civil liberties of U.S. 
persons.
  With strong leadership to implement it, this bill will plug the 
gaping hole in our cyberdefenses--while we have the chance to do so--
and, hopefully, prevent another potential devastating disaster.
  I urge its prompt enactment.

                          ____________________