24 July 2015

Congress Wants to Give Department of Homeland Security Responsibility for Policy US Government Computers

July 23, 2015

After hack, U.S. lawmakers look to protect ‘dot-gov’ domain

Republican and Democratic U.S. senators introduced legislation on Wednesday to give the Department of Homeland Security more authority to protect government Internet addresses, hoping to prevent more cyber attacks like recent massive breaches at the government’s hiring office.

Katherine Archuleta, the chief of the Office of Personnel Management (OPM), resigned earlier this month after the computer hacks, possibly linked to China, put the personal data of some 22 million Americans at risk. The attacks prompted calls in Congress for huge improvements in monitoring and protection of government systems.

“This cyber attack points to a broader problem,” said Republican Senator Susan Collins, one of the bill’s lead sponsors.

Among other things, the legislation would give the DHS the authority to monitor all federal agencies in the “dot-gov” Internet domain, and operate defensive countermeasures. Currently, each agency monitors its own networks and then requests help from the DHS if it feels it needs it.


The measure also would direct the DHS to conduct risk assessments of any network within the government domain.

Sponsors of the bill include Collins and fellow Republican Senators Dan Coats and Kelly Ayotte, as well as Democratic Senators Mark Warner, Barbara Mikulski and Claire McCaskill.

Warner said the intention was for the DHS to protect “dot-gov” web addresses the way the National Security Agency protects “dot-mil” military addresses.

The senators said they looked to offer their bill as an amendment to another cyber security measure, extending liability protection for companies that share information about cyber attacks, which has been making its way through Congress.

Collins, a member of the Senate Intelligence Committee, said she thought the Senate could vote on the legislation within weeks, either before leaving in early August for a four-week recess, or in early September.

No comments: