Skip to main content

Govt. to Weigh In on Cybersecurity Protections

The House Communications Subcommittee will be hearing from top government officials this week on how they are protecting cybersecurity, with a focus on how they are working with industry and what the proper role of government should be.

That is according to a witness list for the March 28 hearing that includes Admiral Jamie Barnett, chief of the FCC's Public Safety and Homeland Security Bureau, and officials from the National Telecommunications & Information Administration and the Department of Homeland security.

In a memo to staffers, the subcommittee points out that in earlier hearings and meetings with staffers, industry representatives have urged caution when it comes to government involvement, arguing that legislation could provide "few" solutions the industry is not already working on; that legislating standards would be aiming behind a fast-moving target; new laws put restraints on good actors that are ignored by the bad guys; and that regulations can provide a "road map for evasion."

In a nutshell, the staffers said, industry recommends the government "focus on education, information sharing, advancing voluntary best practices, and eliminating regulatory obstacles to collaboration between and among the private and public sectors."

The FCC gave a shout-out for voluntary self-regulation last week, endorsing the recommendation by the Communications Security, Reliability and Interoperability Council (CSRIC), a government-industry advisory group, that the industry adopt cybersecurity codes of conduct for addressing threats from botnets, malware and domain name hijacking. That was not surprise, since FCC Chairman Julius Genachowski had called on the industry to adopt such codes in a speech last month.

The DHS official could be in for some tough questioning. In an interview last week for C-SPAN's Communicators with subcommittee member Lee Terry (R-Neb.), co-chair of the House Cybersecurity Working group, when asked if DHS should be enforcing industry cybersecurity standards, had a succinct and Patton-like response: "Hell, no."