Cybersecurity: Current Legislation, Executive Branch Initiatives, and Options for Congress

Abstract

Increasing focus on current cyber threats to federal information technology systems, nonfederal critical information infrastructure, and other nonfederal systems has led to numerous legislative cybersecurity proposals and executive branch initiatives. The proposed National Defense Authorization Act for Fiscal Year 2010 and the Intelligence Authorization Act for Fiscal Year 2010 both contain provisions that would affect programs and funding for current and future cybersecurity-related programs. In May 2009, the Obama Administration issued its 60-day review of cybersecurity policy, declaring that U.S. information networks would be treated as a strategic national asset. There is no single congressional committee or executive agency with primary responsibility over all aspects of cybersecurity; each entity involved pursues cybersecurity from a limited vantage point dictated by committee jurisdiction. Many different initiatives exist, but because of fragmentation of missions and responsibilities, "stove-piping," and a lack of mutual awareness between stakeholders, it is difficult to ascertain where there may be programmatic overlap or gaps in cybersecurity policy. Drawing from common themes found in the Comprehensive National Cybersecurity Initiative (CNCI), a study by the Center for Strategic and International Studies (CSIS) Commission for the 44th Presidency, and the proposed near-term action plan from the President's recent Cyberspace Policy Review, this report identifies priority areas in cybersecurity for policy consideration. The report then lists and synopsizes current legislation that has been developed to address various aspects of the cybersecurity problem. It then lists the current status of the legislation and compares legislation with existing executive branch initiatives. Finally, analysis of information contained in executive branch initiatives and congressional legislation is used to offer cybersecurity-related considerations for Congress.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Sep 30, 2009
Accession Number
ADA508928

Entities

People

  • Catherine A. Theohary
  • John Rollins

Organizations

  • Library of Congress

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Civil Rights
  • Computer Network Security
  • Computer Security Techniques
  • Congress
  • Cyber Threats
  • Cyberattacks
  • Cybersecurity
  • Cyberspace Operations
  • Department Of Homeland Security
  • Governments
  • Information Systems
  • Law
  • National Governments
  • National Security
  • Organizational Structure
  • President (United States)
  • United States Government

Readers

  • Cybersecurity.
  • Defense Acquisition Program Management
  • Strategic Security Studies

Technology Areas

  • Cyber