Chairman Carper Welcomes Administration Announcement on Cybersecurity and Consumer Protection

WASHINGTON – Today, Sen. Tom Carper (D-Del.), Chairman of the Homeland Security and Governmental Affairs Committee, welcomed the President’s latest Executive Order to better safeguard consumers’ financial security and the creation of the Summit on Cybersecurity and Consumer Protection.

“Nearly every day, we learn of more cyber attacks and data breaches that underscore just how vulnerable we really are to hackers seeking to steal from us or do us harm,” said Chairman Carper. “As we have learned over the years, we are unfortunately all targets in cyberspace. Given all that relies on a safe and secure Internet, it is vital that we do what’s necessary to protect ourselves from these repeated attacks. That’s why I welcome the President’s efforts to take additional steps to tackle this problem and keep our sensitive information secure. The government and industry need to continue to work together to address this ever growing threat to our nation, and the task force the President is putting together will do just that. But the Administration can’t do it alone; Congress also has the responsibility to act. I echo the President’s call for Congress to come together to pass cybersecurity and data breach legislation this year. I have introduced four bills with bipartisan support that would go a long way in addressing several key challenges that all of us face online. This is an important opportunity for the government to lead by example. I am committed to continuing to work with my colleagues on both sides of the aisle, the Administration, and stakeholders to build on this latest executive order and pass legislation that addresses this critical issue as soon as possible.”

The DHS Cybersecurity Workforce Recruitment and Retention Act of 2014 would help address critical challenges that the Department of Homeland Security (DHS) faces in hiring and retaining cybersecurity professionals by providing the Secretary of Homeland Security hiring and compensation authorities for cybersecurity experts like those of the Secretary of Defense. The measure was unanimously approved by the Senate as part of S.1691 on September 18

The National Cybersecurity and Communications Integration Center Act of 2014 would codify the existing cybersecurity and communications operations center at the Department of Homeland Security (DHS), known as the National Cybersecurity and Communications Integration Center. The bill calls on the Center is to serve as the federal civilian information sharing interface for cybersecurity. The bill authorizes the Center’s current activities to share cybersecurity information and analysis with the private sector, provide incident response and technical assistance to companies and federal agencies, and recommend security measures to enhance cybersecurity. It was reported out of the Homeland Security and Governmental Affairs Committee on June 25.

The Federal Information Security Modernization Act of 2014 would update the Federal Information Security Act of 2002 and address critical issues that have risen over the past 12 years. The bill would better delineate the roles and responsibilities of the Office of Management and Budget (OMB) and DHS, move agencies away from paperwork-heavy processes toward real-time and automated security, and put greater management and oversight attention on data breaches. It was reported out of the Homeland Security and Governmental Affairs Committee on June 25.

The Data Security Act would better protect consumers by replacing the current patchwork of state laws and establishing one set of national standards. It would require entities such as financial institutions, retailers, and federal agencies to better safeguard sensitive information, investigate security breaches, and notify consumers when there is a substantial risk of identity theft or account fraud. These new requirements would apply to businesses that take credit or debit card information, data brokers that compile private information, and government agencies that possess nonpublic personal information.