Wednesday, March 11, 2009

HS Subcommittee Hearing on Cyber Security

Yesterday, Rep Yvette Clarke (D, NY) conducted her first hearing as Chairwoman of the Subcommittee on Emerging Threats, Cybersecurity, and Science and Technology. The hearing was the first of three that she is planning on holding this month on the subject of Cyber Security. That is an aggressive hearing schedule, but to be expected from one of Chairman Thompson’s minions. There was very little in this hearing that pertained directly to cyber security at high-risk chemical facilities, especially as it pertained to control system security. It mainly dealt with the high-level policy of cyber security and which executive agency would be responsible for developing and implanting the nation’s cyber security program. There did seem to be a consensus that while NSA does have the technical expertise to run cyber security intelligence (and perhaps counter attacks) missions, the operational aspects of running a cyber security program for the civilian sector should probably remain at DHS. One comment that Chairwoman Clarke made in her opening remarks caught my attention. She said: “I believe this Administration should seek to use a combination of regulations and incentives to ensure that our electricity grid (including the Smart Grid), water facilities, financial systems, and other key infrastructures are properly secured.” It seems that the era of ‘voluntary compliance programs’ is coming to an end. I was disappointed that while she mentioned the grid and water facilities, she lumped high-risk chemical facilities in with ‘other key infrastructures’. I was hoping to hear an acknowledgement that chemical facility control systems were a potentially threatened cyber system. It will be interesting to see if that is addressed in future hearings.

No comments:

/* Use this with templates/template-twocol.html */