New cybersecurity legislation aims to bolster the U.S. government’s attribution capabilities as well as foster an increasingly close relationship between government, industry and academia.
Attack attribution has been at the center of a global debate over alleged Russian hacking of American political targets during the 2016 U.S. elections. Even the many officials and experts who agree that Russia was responsible say that the publicly-released evidence has been underwhelming, due in large part to the protection of sources and methods by American intelligence. Increased capability in this arena could alter the ultimate outcome of future attacks.
The Rapid Innovation Act of 2017, co-sponsored by Texas Republican Reps. John Ratcliffe and Michael McCaul, would make innovation in cybersecurity a responsibility of the Department of Homeland Security’s undersecretary for science and technology. The bill, which emerged from the Homeland Security Subcommittee on Cybersecurity, passed the House last week and is now headed to the Senate. Ratcliffe is the subcommittee’s chairman, and McCaul is the full Homeland Security panel’s chairman.
The bill does not propose new spending authority. Instead, the undersecretary is directed to support public-private coordination to more quickly advance American cybersecurity research. In addition to better attribution, the legislators want research on improving attack and intrusion detection, mitigation and recovery, critical infrastructure source-code security review and vulnerability reduction in industrial control systems.
The full list of research and development topics specified in the bill:
- Advance the development and accelerate the deployment of more secure information systems.
- Improve and create technologies for detecting attacks or intrusions.
- Improve and create mitigation and recovery methodologies and development of resilient networks and information systems.
- Support the review of source code that underpins critical infrastructure information systems.
- Develop and support infrastructure and tools to support cybersecurity research and development efforts.
- Assist the development and support of technologies to reduce vulnerabilities in industrial control systems.
- Develop and support cyber forensics and attack attribution capabilities.
DHS is responsible for the defense of U.S. government networks through multibillion-dollar tools like Einstein and Continuous Diagnostics and Mitigation (CDM). Despite the price tags, protection has been uneven and highly criticized.
The bill is now being reviewed by the Senate Homeland Security and Governmental Affairs Committee.