Key Takeaway: Senate Drama on Cybersecurity, Bill Ultimately Delayed
For the past week, C-Span has been constantly on in NASCIO’s D.C. office as we monitor the drama that is the Cybersecurity Information Sharing Act (CISA) (S. 754).
Here’s the skinny: Last week, Majority Whip John Cornyn (R-Texas) said the Senate didn't have time to get to CISA. Majority Leader Mitch McConnell (R-Ky.) said the Senate would get to it after the vote on Planned Parenthood. Vote to defund Planned Parenthood fails and debate moves to CISA. Senators with privacy concerns (like Sen. Ron Wyden (D-Ore.) the only member of the Senate Intelligence Committee to vote against CISA), want to offer amendments and Minority Leader Harry Reid (D-Nev.) has words with the Majority Leader over amendments on the senate floor. Vote to end debate and advance the bill was scheduled for morning of August 5 but delayed to afternoon. Afternoon vote does not take place because agreement on amendments could not be reached. Senators reach 11th hour compromise on amendments. Vote delayed until after August recess. Majority Leader McConnell says the final agreement would “set up expedited” consideration in September. Senate adjourns for August recess.
What would CISA do for state CIOs?
CISA would allow cybersecurity information sharing between private companies and the Federal government. In doing so, both the federal government and private companies would be allowed to share cybersecurity threat information with states. In addition to preventing, detecting and protecting against cybersecurity threats, states can use this information to prevent, investigate, or prosecute offenses related to: serious violent felonies, fraud and identity theft, espionage, and trade secrets. CISA would also exempt this type of information from state and local public disclosure laws.
So what happened to amendments?
Currently, the amendment agreement seems to be: 11 amendments for Democrats and 10 amendments for Republicans (but this could change). This agreement will allow Sen. Barbara Mikulski (D-Md.) to offer a provision that would increase OPM’s cybersecurity funding by $37 million between now and September 2017. Sen. Ron Wyden (D-Ore.) will offer an amendment that would place stricter requirements for companies to inspect and strip personal details from cyber threat data. Sen. Tom Cotton (R-Ark.) will support an amendment that protects companies from legal liability when they share data with the FBI and Secret Service. Currently, CISA would provide liability protection only when companies share data directly with the U.S. Department of Homeland Security (DHS).
What can we expect in September?
More drama. Here’s the dilemma. When congressional members return after their summer recess, they will be faced with a multitude of priorities beginning with MONEY. September is the end of the fiscal year and the House will only be in session for 12 days and the Senate, 15. During this time, Congress must work out a funding deal to keep the government open and operating.
Meanwhile, the White House and Democrats continue to seek relief from Budget Control Act spending caps and Republicans in both chambers have indicated that they would not support a budget bill, including a continuing resolution, that doesn’t defund Planned Parenthood. Further complicating matters, Congress still has to address transportation reauthorization which is currently funded for 3 months and address the debt ceiling, the limit for which may be reached in late October.
So where are we? My crystal ball is broken but certainly willing to hear from yours!
Other Buzz:
FCC extends deadline for Lifeline’s Second Further Notice of Proposed Rulemaking (Second FNPRM): Originally due on July 17, the Federal Communications Commission (FCC) has extended the deadline for Lifeline comments to August 17, 2015. Of interest to CIOs, the second FNPRM seeks comment on ways to verify program eligibility, which could potentially tap into state information systems. The second FNPRM also seeks comment on: establishing minimum service levels for voice and broadband, whether to establish a set budget for Lifeline, transition period for reform, establishing a national verifier regarding program eligibility, ways to streamline eligible telecommunications carrier (ETC) designation, among others. Click here to view the Second FNPRM.
OPM has released a solicitation for identity monitoring and expects to make a selection by August 21. Meanwhile, House Oversight and Government Reform Chairman, Rep. Jason Chaffetz (R-Utah) is seeking the removal of OPM CIO, Donna Seymour. Click here to view Rep. Chaffetz's letter.
NASCIO Endorses GIS Bill: In a letter to the Senate Commerce, Science, and Transportation Committee Chairman and Ranking Member, NASCIO is calling for a hearing on the Geospatial Data Act of 2015 (S. 740) introduced by Sens. Hatch (R-Utah) and Warner (D-Va.). S. 740 would require the sharing of federal geospatial data acquired and collected by federal agencies. Currently, the process of sharing federally collected or acquired geospatial data is not being done in an efficient or effective manner; which the Government Accountability Office (GAO) has said is largely due to the lack of enforcement and oversight.
TechBytes:
NASCIO releases Accessibility in IT Procurement (press coverage by Governing and Statescoop)
PWC Findings from 2015 US State of Cybercrime Survey: incidents are increasing and becoming progressively destructive.
Examples of Disruptive Technology that Could Transform Government-Citizen Relationships
Spotlight on Michigan CIO David Behen: How Big Data Helps the State Provide Better Services to Citizens