Dee Finney's blog
start date July 20, 2011
Today's date June 3, 2012
TOPIC FISMA: HR-4257
H.R. 4257, Federal Information Security Amendments Act of 2012
April 20, 2012
As ordered reported by the House Committee on Oversight and Government Reform on April 18, 2012
H.R. 4257 would amend the Federal Information Security Management Act of 2002 (FISMA) to improve the security of federal information technology systems. The legislation would require continuous monitoring of computer systems and provide the Office of Management and Budget (OMB) and federal agencies with specific new responsibilities to secure federal information systems.
Based on information from the Department of Homeland Security (DHS), the Office of Management and Budget (OMB), and other major agencies working to ensure the security of federal information systems, CBO estimates that implementing H.R. 4257 would cost $710 million over the 2013-2017 period, assuming appropriation of the necessary amounts. Most of those funds would be spent on salaries, expenses, and computer hardware and software. Enacting the bill would not affect direct spending or revenues; therefore, pay-as-you-go procedures do not apply.
H.R. 4257 contains no intergovernmental or private-sector mandates as defined in the Unfunded Mandates Reform Act (UMRA) and would impose no costs on state, local, or tribal governments.
House Declares Cybersecurity Week with Introduction of Four Cybersecurity Bills
Created by Rodney Petersen (EDUCAUSE) on April 24, 2012
The U.S. House of Representatives is introducing this week four pieces of legislation for votes. Below is a summary of each bill provided by House Speaker John Boehner:
Cyber Intelligence Sharing and Protection Act (H.R. 3523), introduced by Intelligence Committee Chairman Mike Rogers (R-MI), will help private sector job creators defend themselves from attacks from countries like China and Russia by allowing the government to provide the intelligence information needed to protect their networks and their customers’ privacy. The bill also provides positive authority to private-sector entities to defend their own networks and to those of their customers, and to share cyber threat information with others in the private sector, as well as with the federal government on a purely voluntary basis.
Federal Information Security Amendments (H.R. 4257), introduced by Oversight & Government Reform Committee Chairman Darrell Issa (R-CA), will enhance the Federal Information Security Management Act (FISMA) by improving the framework for securing information technology of federal government systems. It also establishes a mechanism for stronger oversight of information technology systems by focusing on “automated and continuous monitoring” of cybersecurity threats and regular “threat assessments” and reaffirms the role of OMB with respect to FISMA, recognizing that the budgetary leverage of the Executive Office of the President is necessary to ensuring effective security over information technology systems.
Cybersecurity Enhancement Act (H.R. 2096), introduced by Rep. Mike McCaul (R-TX), will improve coordination of research and related activities conducted across the federal agencies to better address evolving cyber threats. The bill strengthens the efforts of the National Science Foundation (NSF) and the National Institute of Standards and Technology (NIST) in the areas of cybersecurity technical standards and cybersecurity awareness, education, and talent development.
Advancing America’s Networking and Information Technology Research and Development (NITRD) Act (H.R. 3834), introduced by Science, Space, and Technology Chairman Ralph Hall (R-TX), reauthorizes the NITRD program, which represents the federal government’s central R&D investment portfolio for unclassified networking, computing, software, cybersecurity, and related information technology and involves 15 member agencies. In the area of cybersecurity, the NITRD program focuses on R&D to detect, prevent, resist, respond to, and recover from actions that compromise or threaten to compromise the availability, integrity, or confidentiality of computer- and network-based systems.
These bills, collectively, promise to impact the various roles of higher education in significant ways, including the academic mission to educate the next generation of cybersecurity professionals, research and discovery of future solutions to our cybersecurity challenges, and the operations of campus computing networks that while not considered "critical infrastructure" are a key asset and important part of the overall Internet economy. EDUCAUSE will continue to monitor and report on these bills as they move through the House and will track similar actions in the Senate.
THIS IS THE WAY IT USED TO BE: NO MORE NICE GUY
Fact Sheet 9:
Wiretapping and Eavesdropping on Telephone Calls
Copyright © 1993 - 2012
Privacy Rights Clearinghouse
Posted March 1993
Revised April 2012
STICKS STONES AND DANGEROUS WORDS: WES PRUDEN
By Ruth King on May 29th, 2012
The scholars and wordsmiths at the Department of
Homeland Security leave everyone who aspires to good citizenship
Some of the wordsmiths put together a manual for agents who track the
Internet, looking for evil-doers and those who aspire to evil-doing.
These agents are assigned to pick up suspicious words for further
investigation. Some of the worst of the evil-doers have been caught
after their schemes, plots and intrigues were detected in e-mails
intercepted by agents of the Department of Homeland Security.
Long lists of words the innocent should never use were acquired by the Electronic Privacy Information Center, a privacy watchdog group that obtained the lists through a request for documents under the Freedom of Information Act. It’s clear that federal agents who conduct Internet searches for offending words can succeed only if they have a lot of time on their hands.
Some of the words, like “attack” or “terrorism” or “dirty bomb,” are
so obvious that a cave man could detect them. Others, like the words
cops, police, riot, emergency landing, powder (white), swine, pork and
‘flu, do not seem so obviously dangerous. Your Aunt Evelyn in West
Gondola, scribbling an affectionate note at the bottom of a birthday
card, could invite federal scrutiny without intending to harm
Other words suspicious to the feds include:
The suspicious words are included in something called the Analyst’s
Desktop Binder, used by agents at the National Operations Center to
identify “media reports that reflect adversely on [Department of
Homeland Security] and response activities.”
The existence of the verboten list emerged from the bowels of
bureaucracy only after a hearing before a House subcommittee looking
into how analysts monitor newspapers, magazines, Internet sites and
social networks. They’re looking for “comments that ‘reflect adversely’
on the government.”
This covers a lot of ground, sinful, criminal, harmless and
otherwise, but the Department of Homeland Security reassures one and all
that it is not looking for disparaging remarks about the Obama
administration, the government or the bureaucrats who work for the
government. They’re not looking for signs of “general dissent.” Of
course not. Who would suspect the government of poking its nose into the
business of private citizens? Would Janet Napolitano, the secretary
of homeland security, do that?
The government can nevertheless be dull and dim-witted. An
investigator for one of the many government security agencies, a young
man with the requisite 1950s haircut and polite manner, one day called
to ask whether I would vouch for the character of a young man, just out
of Harvard Law, who had applied for a position with a Senate committee.
I knew him to be exactly what the government should be looking for,
Harvard trained or not, and said so.
“Well,” the agent replied, “we have information that he lived abroad
for several years. Do you know why?”
I looked at the dates he had indeed lived abroad, in a large European
capital famous for its spies, furtive nocturnal liaisons and dark
diplomatic intrigues. “Yes,” I said, “that is roughly the time his
father was the American ambassador there, and the young man would have
been between 2 and 6 years old.”
The agent was not persuaded. “Still, that is a long time to live
abroad. He may have had a good reason to spend so much uninterrupted
time in a foreign capital, but we would like to know why.” The young man was
finally cleared for duty several months later, the stain on his baby
The watchdog group that obtained the list of suspicious words
complained to the House subcommittee on counter-terrorism and
intelligence that the Homeland Security list is “broad, vague and
ambiguous,” and includes “vast amounts of First Amendment-protected
speech that is entirely unrelated to the Department of Homeland Security
mission to protect the public against terrorism and disasters.”
The bureaucrats trying to keep the homeland secure, even at the cost of damage to the First Amendment, now concede that its language is vague and should be “updated.” In the hands of normal speakers of English, the lists can be harmless enough, but computers are only as smart as whoever is punching the keyboard. That’s not always very smart. The hands of government agents are heavy on all of us. That’s why watchdogs need teeth.
Wesley Pruden is editor emeritus of The Washington Times.
More to come when the Senate takes it up