Friday, April 20, 2012

Letter from Lungren re: Protecting Americans from ID Theft

Those spam e-mails about “cheap Rolex watches” and more sophisticated phishing attempts by cybercriminals make up a $50 billion identity theft business.  Buyers, sellers, intermediaries and service providers offering to change billing addresses for stolen identities trade online in a highly structured cybercrime.  Additionally, cyberthieves rob Americans of their intellectual property, costing U.S. jobs and jeopardizing our economic future.
We are also seeing growth of cyberwarfare.  With the 2004 terrorist attacks in Madrid and the rise of improvised explosive devices (IED) in Iraq and Afghanistan, we have seen terrorists use cell phones, garage door openers and other remotely controlled electronic devices to detonate bombs.  Our enemies are using new weapons against us and we need to be prepared against more sophisticated cyberattacks.  


In 2010, we saw what has been called “the world’s first real cyberweapon” in Stuxnet, a worm that physically damaged Iran’s nuclear program.  We must be prepared should such advanced cyberattacks be directed against us – targeting anything from our power grid, transportation systems, or communication networks.  The risks are clear and our nation’s top government, intelligence and military leaders often cite the cyberthreat as the issue that most worries them.
We cannot just keep pace with – but must be one step ahead of – threats in our cybersecurity measures.  That is why I have authored the PRECISE Act, legislation which would better secure federal information systems and critical infrastructure.  This legislation would:
  • provide the Department of Homeland Security (DHS) with clear authority to facilitate our nation’s cybersecurity;
  • require DHS to designate a lead cybersecurity official, develop a cybersecurity strategy and attract and retain skilled cybersecurity personnel;
  • authorize DHS to conduct research, development, testing and evaluation of cybersecurity technologies;
  • authorize the National Cybersecurity and Communications Integration Center (NCCIC) to gather information, coordinate with other agencies and disseminate timely threat information while ensuring this information is protected;
  • encourage but not mandate the private sector share information with the NCCIC; and
  • establish a 13-member private sector board of advisors to assist the information sharing process and monitor the NCCIC.
The Homeland Security Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies considered the PRECISE Act in February, voting to move it forward to the full Homeland Security Committee.  This week, the full Committee took up my bill in a mark-up session.  Throughout the drafting process, I have met with stakeholders, listening to their concerns and working to improve the bill.  As a result, at the full Committee hearing I offered a modified version of the bill that removed language attempting to improve cybersecurity standards of critical infrastructure.  The past approach had little support at the time, so I will continue to work on improving our legislative language and will fight for stronger critical infrastructure cyberstandards in the coming months.  Passing the modified PRECISE Act out of the full Committee is a good first step.
Strong cybersecurity can protect our economy, but we also need to focus on a sustainable economic recovery.  I am looking forward to welcoming Sacramento-area leaders next week for our annual “Cap to Cap” visit to discuss needs, challenges, and opportunities facing our region and what Congress can do.  Look for an e-mail from me with highlights from that trip next week.
Sincerely,

Daniel E. Lungren
Member of Congress

No comments:

Post a Comment