Last month Sen. Hatch (R,UT) introduced S 1475,
the Promoting Good Cyber Hygiene Act of 2017. This is very similar to HR
3010. While not strictly a companion measure (due to changes in formatting,
word order and organization) this bill would establish the same voluntary
cybersecurity program; principally for use by the Federal Government.
Moving Forward
Unlike the sponsorship situation with HR 3010, Sen. Markey
(D,MA), a cosponsor of this bill, is a member of the Senate Commerce, Science,
and Transportation Committee (Hatch is not) so there is a possibility that this
bill could be considered by that Committee.
Markey has worked hard on establishing a reputation as a
cybersecurity gadfly (I use that term with a certain amount of admiration) in
the Senate. Unfortunately, his scattergun approach to crafting cybersecurity
language has left him with a significant amount of inherent opposition to his
bills; none of the bills that he has offered to date (admittedly still early in
the session) has been considered in Committee.
Commentary
This bill sounds good, but, like its companion, it has some
serious definition problem in the IoT provisions. That ICS-inclusive definition
has essentially no effect on the study required because that study is to be to
consider the effects of the identified cybersecurity concerns upon Federal IT
systems.
Posts
No comments:
Post a Comment