House Passes McCaul-Lipinski
Cybersecurity Enhancement Act to Secure Federal Networks, Critical
Infrastructure and America's Competitive Edge
May 7, 2012
The U.S. House passed
The Cybersecurity Enhancement Act, taking an essential step toward
securing our federal computer networks and critical infrastructure,
while helping to protect businesses and individuals from cybercrime.
H.R. 2096, introduced by Congressman MichaelMcCaul (R-TX) and
co-sponsored by Congressman Dan Lipinski (D-IL), passed the House
“If agents of a foreign government broke into the Pentagon and stole
top-secret documents from filing cabinets it simply would not be
tolerated, yet this is what happens every day in the virtual world,”
said Congressman McCaul, Chairman of the Homeland Security Oversight &
Investigations Subcommittee. “China has already stolen critical design
and electronics information for the F-35 Joint Strike Fighter, allowing
them not only to copy the plane, but to guard against it as well.
Thatbreach is a direct threat to our national security, the safety of
the American people and our interests abroad. Hardening our networks
against espionage must be a top priority,” added Rep. McCaul, who is
also a member of the Speaker’s Cyber Taskforce and co-founder and
co-chairman of the Congressional Cybersecurity Caucus.
“Cybercrime poses an enormous and under-recognized threat to America’s
national security, economy, businesses, and households,” said Rep.
Lipinski, the Research and Science Education Subcommittee Ranking
Member, who introduced the Cybersecurity Enhancement Act in the 111th
Congress. “This bipartisan bill will help eliminate the shortfall of
skilled cybersecurity professionals and develop the technologies we need
to defend our infrastructure, industry, and the public from cybercrime.
Foreign countries as well as international criminal organizations have
penetrated the computer defenses of military contractors, government
agencies, and financial and other companies whose systems control
critical infrastructure. Intellectual property theft by hackers based in
China now constitutes a new form of trade war that blunts America’s
competitive edge. Yesterday, the Homeland Security Committee heard from
witnesses about Iran’s development of a ‘cyber army.’ Meanwhile,
identity theft is a growth industry costing $50 billion annually. I urge
the Senate to follow the lead of the House and quickly pass this
legislation for the sake of the American people.”
An October 2011 report to Congress on foreign economic collection and
industrial espionage states it is part of China and Russia’s national
policy to try to identify and steal sensitive technology to blunt
America’s competitive edge and bolster their own economic growth.
The McCaul-Lipinski bill will help harden federal networks, spur
research and development, build ourAmerican cyber workforce and enable
the government, universities and private sector to collaborate more
easily on cybersecurity R&D.
“These important bills will help promote more security and reliability
in our networks while safeguarding consumers' rights and information,"
Christopher Padilla, Vice President, IBM Governmental Programs, said of
the McCaul-Lipinski legislation and three other cyber bills before the
The U.S. Chamber of Commerce calls the McCaul-Lipinski bill “an
important step toward improving federal cybersecurity R&D activities to
improve the security, reliability, and resilience of America’s digital
infrastructure in partnership with industry.”
The Cybersecurity Enhancement Act incorporates several key
recommendations of the Center for Strategic and International Studies’ (CSIS)
Commission on Cybersecurity for the 44th President, which Congressman
McCaul co-chaired. The commission presented the report Securing
Cyberspace for the 44th Presidencyto President Obama detailing
recommendations for securing government networks and critical
R&D: Requires a strategic plan to guide federal cybersecurity research
and development and reauthorizes cybersecurity research and development
Develops the skilled cybersecurity workforce needed by both government
and the private sector: Creates cybersecurity scholarship programs at
NSF that can be repaid with federal service and reauthorizes
cybersecurity fellowship grants and training for graduate students.
Improves coordination outside of government: Creates a
federal-university-private-sector task force to coordinate research and
development between the public and private sectors.
Improves coordination in government: Gives the National Institute of
Standards and Technology the authority to set security standards for
federal computer systems and develop automated checklists for agencies
Improves computer hygiene: Creates an education and awareness program,
which the NSA says would help remedy the majority of vulnerabilities we
Sets forth procurement standardsfor hardware and software that will
minimize security risks and have a ripple effect on the private sector.
Congressional hearings on cybersecurity have revealed most federal
agencies have been hacked into, and that the federal government is under
threat of cyber attack on a daily basis. Many attacks are classified as
espionage, with foreign countries stealing government information. One
data dump was equivalent in size to the Library of Congress. Other
attacks are believed to have been attempts to shut down federal networks
and cause harm.