Monday, June 15, 2015

HR 2708 Introduced – Cyber Attack Metrics

Last week Rep. Wilson (R,SC) introduced HR 2708, a bill that would direct the Director of National Intelligence to conduct a study on cyber-attack standards of measurement. The preliminary findings would be reported to Congress in 180-days and the final report within 1-year.

The Director would conduct a study (in conjunction with DHS, DOD, and the FBI) to determine standards that could “be used to measure the damage of cyber incidents for the purposes of determining the response to such incidents” {§1(a)(1)}. Those standards would “include a method for quantifying the damage caused to affected computers, systems, and devices” {§1(a)(2)}.

Moving Forward

Wilson is not a member of the House Intelligence Committee so it is extremely unlikely that the Committee will take up this bill for consideration. If this ever does make it to the floor there is certainly nothing in the bill that would raise any significant opposition.


This is one of the sillier pieces of legislation that I have seen. While there is certainly a place for determining the cost of a cyber-attack it is almost certainly not an intelligence function; at least not if we are measuring the cost in the United States.

No comments:

/* Use this with templates/template-twocol.html */