In Congress, 11 years may not seem like a very long time. But in the world of technology, 11 years can hold a lifetime worth of changes. After all, in 2002, we didn’t have iPhones, iPads or Kindles. Twitter and Instagram did not exist, and Facebook was but a mere twinkle in Mark Zuckerberg’s eye.
When Congress first passed the Federal Information Security Management Act of 2002, we had far fewer ways to communicate and less sophisticated threats to our nation’s cybersecurity. Now, our options for communication are endless and the ways a creative hacker can access corporate and government secrets from a computer halfway across the world are limitless.
In the past year, major corporations, top newspapers and multinational non-government organizations have all been the victims of brazen cyberattacks. Similarly, the boldness and sheer number of cyberattacks on U.S. federal agencies have increased exponentially. A recent report from the Government Accountability Office found that cybersecurity incidents among 24 key agencies had increased more than 650 percent during the past five years.
Cybersecurity should be one of our top priorities for maintaining economic stability, public safety and national security. As President Barack Obama stated in 2009, “America’s economic prosperity in the 21st century will depend on cybersecurity.”
The culprits are varied, ranging from individual black hat hackers who act out of malice or personal gain to organized criminal groups, from terrorist networks to advanced nation states. To properly address this threat, it is crucial that our government become more adept at identifying and preventing their attacks.
Since its passage, FISMA has become less of a dynamic defense against cyberattacks and more of a routine compliance activity. A complacent, “check-the-box” mentality from a government agency will never be a match for the creativity of a hacker attempting to fly under the radar and access that agency’s secrets.
In 2012, the House unanimously approved a bipartisan bill that we introduced together as the chairman and ranking member of the House Oversight and Government Reform Committee to update FISMA for the challenges of the next decade. This issue affects all Americans, regardless of political affiliation, which is why we reintroduced our bill with bipartisan support last month as the Federal Information Security Amendments Act of 2013.
Our bipartisan legislation will address the shortcomings of FISMA by incorporating recent technological innovations. It will also enhance and strengthen the current framework that protects federal information technology systems. Perhaps most important, our bill will establish automated and continuous monitoring for existing systems, including regular threat assessments, so we are constantly checking for possible attacks.
Moreover, our bill will update and enhance the government’s cybersecurity defense without infringing on the privacy rights of Americans. It protects our federal IT systems while maintaining the security of personally identifiable information.
As technology continues to evolve, so will the sophistication and frequency of attacks to our cybernetworks.
Now is the time to update and strengthen our national defense on cybersecurity.