The United States government houses an IT infrastructure that is both vulnerable and outdated. Congressman Will Hurd has begun a campaign to do something about it. Rep. Hurd gained some notoriety during a poignant exchange with FBI Director James Comey. A congressional probe has just concluded that the two recent waves of cyber attacks are likely connected. The DNC hacks distracted us from the task of nominating a presidential nominee and created a sense of insecurity in the nation. Nation-state actors are probing and attacking this country via cyber. Little is done, and less is discussed in the mainstream media and the halls of Congress, until very recently.
Cyber Command is set to become a combatant command eventually. Being able to respond to cyber attacks is important. Cyber attacks have become common enough that experts are now warning they’ll continue as part of a new status quo. Hillary Clinton wants a ‘Manhattan Project’ to defeat encryption.
A wave of IT and cyber security rhetoric is set to make up the main talking points for future funding and defense-related debates. Hopefully, a massive failure like the data breach at OPM is not repeated before then. Something could be done now, and a repeat of the OPM data breach is preventable.
Rep. Hurd has not only advocated for increased awareness and funding to improve our cyber security, he wants a cyber National Guard. For all the training commands and various units that exist, this would be a particularly useful one. Hurd was prompted to take action during an oversight committee. He says, “I knew the federal government had a real problem with cyber security. But there was one moment, during an oversight hearing with the senior security officer at the Social Security Administration (SSA), that I realized it was even worse than I originally thought.”
In the same hearing, Hurd asked the agency head a simple, direct question and got a vague answer.
“I asked a simple question about what the agency, which stores the personally identifiable information for nearly all Americans, was doing to patch bugs revealed by a technical vulnerability assessment. The official’s less-than-helpful answer? ‘Very many different things.'”
The federal government spends more than $80 billion on IT procurement, most of which is used to maintain our outdated system. The IT infrastructure is so cumbersome, much of the budget that might improve it is spent on keeping it alive. Thankfully, Rep. Hurd is making efforts to improve the situation.
Here are three main components of a new IT bill championed by Rep. Hurd and others, named the MOVE IT act.
- Reforms and streamlines the existing Federal Risk and Authorization Management Program (FedRAMP), which standardizes and reduces the cost of assessing the security of cloud computing services used by federal agencies
- Allows federal agencies to use more flexible “IT working capital fund” to replace outdated IT systems, with savings reinvested and returned to the U.S. Treasury
- Implements new oversight mechanisms—including semi-annual reports—to ensure robust congressional oversight of federal IT modernization efforts
Hopefully this is the beginning of increased scrutiny regarding digital information and how to secure information in the digital age. This bill ought to be supported, and more efforts to address our digital vulnerability considered.
Featured image courtesy of www.huffingtonpost.com.