FOR IMMEDIATE RELEASE:                                         
February 1, 2012

CONTACT:
Jonathon Dworkin
Director of Communications
401-732-9400

Becomes part of bill he co-sponsored that finds bipartisan way forward to protect critical infrastructure

WARWICK, RI - During consideration today of cybersecurity legislation that will ensure protections for critical infrastructure, the House Homeland Security Committee approved a proposal by Congressman Jim Langevin (D-RI) that recognizes the importance of working with groups at the regional and local levels to prevent and respond to cyber incidents. The proposal, inspired by efforts underway in Rhode Island, was added today in the committee markup of the Promoting and Enhancing Cybersecurity and Information Sharing Effectiveness (PrECISE) Act.

Overall, the bill represents a bipartisan agreement by Langevin and its author, Congressman Dan Lungren (R-CA), on a way to strengthen network security of vital assets that are privately owned and operated, such as the electric grid, water and sewage facilities, and financial services systems. Lungren chairs the Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies.

Langevin's proposal is the result of recommendations made at a cybersecurity workforce workshop he arranged in October with the Departments of Defense and Homeland Security at the National Defense University. Theresa Murray, who has since been named Director of the Rhode Island Emergency Management Agency, participated to highlight the partnership of top universities, private computer security businesses and local government that Langevin helped her establish to improve the state's cyber workforce and protect its critical networks. Her comments and the ensuing discussions at the event helped shape the new legislation. (Further details below)

"There is a grassroots effort in parts of the country to stand up local and regional centers of cyber excellence, working with industry, academic partners, law enforcement and officials across different levels of government," said Langevin, who co-founded the Congressional Cybersecurity Caucus. "We must encourage this kind of cooperation throughout the nation. My amendment will ensure that the Department of Homeland Security (DHS) helps support and expand these efforts, and uses regional expertise to build up our capabilities to respond to cyber incidents that impact regional critical infrastructure."

Langevin also recognized the broader legislation, approved by Chairman Lungren's subcommittee today, as a key step forward to combating cyber threats that pose the greatest potential for physical and economic damage. As stated by the Homeland Security Committee, the measure would allow DHS to work with the private sector and sector specific agencies that have regulatory authority over critical infrastructure to identify and evaluate cybersecurity risks. DHS would be required to produce cybersecurity standards specific to individual industries that the companies within those industries must meet.

In addition, the legislation provides DHS with the authority to help coordinate federal government cyber capabilities and would establish the National Information Security Organization (NISO), a private-sector-controlled not-for-profit organization to facilitate best practices, provide technical assistance, and enable the sharing of cyber threat information across critical infrastructure and with the federal government, while also protecting privacy and civil liberties. 

"This bill reflects significant bipartisan affirmation that the status quo is unacceptable and shows that progress toward closing the alarming vulnerabilities among our critical infrastructure is possible if our leaders are committed to working together on solutions," said Langevin. "We know voluntary guidelines simply have not worked. For the industries upon which we most rely, government has a role to work with the private sector on setting security guidelines and ensuring they are followed. I thank Chairman Lungren for his commitment to improving our cybersecurity and for working with me to ensure our top priorities on this issue are addressed."

Details of Langevin's proposal (also see pg 50-51):

Langevin's proposal, contained in the amendment in the nature of a substitute offered by Chairman Lungren, requires the Secretary of Homeland Security to report to Congress on how the Department will support regional, state, and local grassroots cyber cooperatives designed to decrease cyber disruptions to critical infrastructure, increase cyber workforce training efforts, increase community awareness of cybersecurity, organize community cyber-emergency preparedness efforts, build resiliency of regional, state, and local critical services, and coordinate academic, technical and policy research efforts.  The report will include:

• A plan for introducing a grant process for pilot regional, state, or local cyber cooperatives that would be implemented within 90 days of the report.
• Recommendations for integrating regional, state, and local grassroots cyber cooperatives in regional, state and federal cyber disruption plans.
• A plan for increasing cyber threat information sharing between regional, state, or local cyber cooperatives, the Federal Emergency Management Agency, the Department of Homeland Security, and the National Information Security Organization (NISO).
• A plan to promote through the NISO a ground up, community-based network of cyber cooperatives.
  A plan for establishing a Federal online portal for existing groups to coordinate online training, best practices, and other cybersecurity integration efforts.
• A plan for utilizing federal cyber assets in support of disaster response efforts, as well as support to regional, state, and local cyber cooperatives.