The U.S. House of Representatives is scheduled to begin debate Wednesday on H.R. 285, a bill that would create the post of assistant secretary for cybersecurity, according to a spokeswoman for Rep. Christopher Cox (R-Calif.), chairman of the House Committee on Homeland Security.
The assistant secretary would be responsible for all cybersecurity-related critical infrastructure protection programs in the U.S. Department of Homeland Security (DHS), according to the proposed legislation. The measure was approved by a House subcommittee last month.
The post is part of more extensive homeland security legislation, the spokeswoman said.
"When it comes to ensuring the confidentiality, integrity and availability of computer networks, I believe that government and industry must work closely together," Rep. Bennie Thompson (D-Miss.), the ranking Democrat on the House Committee on Homeland Security, said in a statement (download PDF). "This effort requires attention at the highest level in both the public and private sectors if we are going to assure the security of our economy and our way of life."
The assistant secretary"s duties would include establishing and managing a national cybersecurity response system, a national cybersecurity threat and vulnerability reduction program, a national cybersecurity awareness and training program, a government cybersecurity program and a national security and international cybersecurity cooperation program.
In addition, the assistant secretary would also coordinate cybersecurity efforts with other federal agencies and develop processes for information sharing with the private sector. The person in the new post would also have primary authority within the DHS over the national communications system.
Last month, Paul Kurtz, executive director of the Cyber Security Industry Alliance (CSIA), a CEO-led public policy and advocacy group, testified in support of the assistant secretary"s position on behalf of the CSIA and the Business Software Alliance before the House Subcommittee on Economic Security, Infrastructure Protection and Cybersecurity (download PDF).
"We are seeing increased threats and vulnerabilities associated with our information infrastructure. We rely upon our information infrastructure, yet there is no one clearly in charge of coordinating its security and reliability," Kurtz said. "The department"s responsibilities to identify critical information infrastructure [and] develop emergency communications, contingency and reconstitution plans are compelling, yet the leadership is not."