The House is about to finally do something about cybersecurity, the author writes. | REUTERS Cybersecurity needs our full attention

Thursday, the House will finally take action on cybersecurity.

Threats in cyberspace pose a real and direct danger — to our economy and our security. Study after study and commission after commission have issued warnings and made recommendations. Not much has resulted — yet the threats continue to grow more numerous and more sophisticated. The House is now about to do something about it.


This week we are set to consider four bills that will begin to close the expanding gap between these growing threats and technological changes and the outdated laws and policies that cannot keep up.

The House is set to vote on legislation to update the Federal Information Security Act of 2002 — to push the government to do a better job of protecting its networks, requiring continuous monitoring and defense in depth. There are two bills that will focus more of our federal research and development efforts on cybersecurity, complementing the massive private-sector investment in this area.

The four bills also include legislation to help with information sharing. The federal government now has a great deal of information about threats, which it uses to help defend military and intelligence networks. But much of that capability is sidelined when it comes to defending the rest of the country — particularly critical infrastructure. The new House bill would allow government information to be shared with the private sector, private-sector information to be shared — voluntarily — with the government, and private entities to share with each other. There are safeguards to ensure that information is not misused and the privacy of individual Americans is protected.

The new bills are the product of many months of work that began early in this Congress. Speaker John Boehner (R-Ohio) and Majority Leader Eric Cantor (R-Va.) last year recognized that Congress could not go another session without beginning to reduce the nation’s vulnerability in cyberspace. They created a Cybersecurity Task Force to make recommendations and coordinate among the nine House committees with significant jurisdiction on this issue. Since the task force issued recommendations last fall, the various committees have been devising legislation.

These bills received bipartisan support and are the result of much listening and consultation with a wide variety of sources. They build on the work done in cybersecurity over the past few years by House Democrats, like Dutch Ruppersberger (D-Md.), Jim Langevin (D-R.I.), and others. While there are differences of opinion about some details, there is tremendous agreement about what needs to be done.

These bills are just the beginning. The most prominent criticism of the legislation has been that it does not go far enough. It is true that these four bills will not solve all of our problems in cyberspace. But it is likely a mistake to try to do so all at once.

In an area where the vast majority of what we want to protect is owned by the private sector — and where American innovation and competitiveness is key to our nation’s success — we need to tread carefully.

Each of the four bills is a start — a strong, significant start — but only a start. They will help make the country safer. But the Cybersecurity Task Force made a number of other recommendations that should be — and many are being — pursued by the appropriate committees.

The security of their computers and the information stored on them is at risk — every minute of every day. The damage from the information that is being stolen, manipulated or destroyed is already costing us jobs, chipping away at our competitiveness and undermining our national security.

Yet, as with so many issues, we cannot let the quest for the perfect, overarching bill prevent us from achieving the good, a-step-in-the-right-direction bill.

In cybersecurity, we cannot afford to wait any longer to get it done perfectly. We need to act now.

Rep. Mac Thornberry (R-Texas) is chairman of the House GOP Cybersecurity Task Force. He also serves as the vice chairman of the House Armed Services Committee and as a member of the Permanent Select Committee on Intelligence.

This article tagged under: Cyber Security

Mac Thornberry