The Department of Homeland Security inspector general found that a year after the department’s Office of Cybersecurity and Communications (CS&C) reorganized its internal structure, it “still faces challenges in sharing cyber threat information with other federal cyber operations centers.” CS&C, part of DHS’s National Protection and Programs Directorate (NPPD), reorganized in October 2012 to improve the National Cybersecurity and Communications Integration Center’s functionality, the DHS IG said in a report made public Monday. NCCIC has since enhanced partnerships with other federal cyberoperations centers to address specific incidents and increased interagency collaboration, the report said. The NCCIC also collaborated with the FBI and other public and private partners to release Joint Indicator Bulletins related to cyberthreats and conducted drills to improve cyberoperations centers’ capabilities and plans, the report said. But NPPD needs to address tech and workforce deficiencies -- issues NPPD told the IG it is working to improve (http://1.usa.gov/1a3ndpB).
Jimm Phillips
Jimm Phillips, Associate Editor, covers telecommunications policymaking in Congress for Communications Daily. He joined Warren Communications News in 2012 after stints at the Washington Post and the American Independent News Network. Phillips is a Maryland native who graduated from American University. You can follow him on Twitter: @JLPhillipsDC
Congress “is going to have to take the lead” on cybersecurity, said former Rep. Cliff Stearns, R-Fla., at an FCBA event Wednesday night. Stearns is now a senior adviser at APCO Worldwide. Although President Barack Obama issued a cybersecurity executive order in February, Stearns said he believes “it has gone nowhere. You need some kind of leadership in the House and Senate to say ’this is the basic standards that we've got to go forward with.’ Absent that, industry is going to have to work within themselves.” Although the House passed the Cyber Intelligence Sharing and Protection Act earlier this year, similar information sharing legislation will be difficult to pass in either the House or Senate following leaks about the controversial National Security Agency surveillance programs, Stearns said.
The White House and the Department of Homeland Security highlighted their efforts to advance efforts to improve cybersecurity Wednesday. The U.S. is “light-years ahead of where we were 18 months ago” in advancing the national conversation on cybersecurity, said White House Cybersecurity Coordinator Michael Daniel at a Bloomberg Government event. The White House has been working with federal agencies since February to implement President Barack Obama’s cybersecurity executive order. As part of that implementation effort, the National Institute of Standards and Technology released a preliminary version of the Cybersecurity Framework last week (CD Oct 23 p1). Daniel lauded the framework Wednesday as a “remarkable example of true public-private partnership.” Agencies’ budgets also show the degree to which the White House is making cybersecurity a big priority, he said, noting that the administration’s cyber efforts are as well protected as its other priorities given the strains of sequestration. The White House is also continuing to encourage Congress to pass information-sharing legislation that would improve the cybersecurity of critical infrastructure, Daniel said. The order will “help bring clarity to the specific kinds of information-sharing that we need,” said Suzanne Spaulding, DHS deputy undersecretary-National Protection and Programs Directorate. DHS is the primary department responsible for implementing the order. DHS is doing “everything we can to help public and private sector make wise risk management decisions,” she said.
The House Homeland Security Committee approved two Department of Homeland Security-centric cybersecurity bills Tuesday, sending them to the full House for consideration. The committee approved the bills -- the Critical Infrastructure Research and Development Advancement Act (HR-2952) and the Homeland Security Cybersecurity Boots-on-the-Ground Act (HR-3107) -- on voice votes with amendments. The bills had received unanimous support from the House Cybersecurity Subcommittee in September (CD Sept 19 p20).
Congress should “proceed with caution” as it considers a second round of changes to the U.S. patent system, former Patent and Trademark Office (PTO) Director David Kappos is expected to tell the House Judiciary Committee Tuesday. Kappos, now a partner at Cravath Swaine, is to testify at a 10 a.m. hearing to get industry input on the Innovation Act (HR-3309). The bill, introduced last week by committee Chairman Bob Goodlatte, R-Va., attempts to curb abusive patent litigation by making changes to court rules governing patent cases, as well as through changes to PTO programs (CD Oct 24 p12).
Industry stakeholders must remain engaged in development and implementation of the Cybersecurity Framework as the National Institute of Standards and Technology moves into the process of creating a final version of the framework for release in February, said NIST Director Patrick Gallagher. NIST released a preliminary version of the framework Tuesday to collect public input (CD Oct 23 p1). That input will include a fifth framework development workshop Nov. 14-15 at North Carolina State University’s Centennial campus in Raleigh. In addition to seeking input on specific parts of the framework, NIST will discuss possible structures for an independent, industry-led body to take charge of further revisions to the framework, Gallagher said during a USTelecom event Friday.
Patent litigation revamp legislation that Senate Judiciary Committee Chairman Patrick Leahy, D-Vt., is set to introduce within the next few weeks is likely to reflect the spirit of the Innovation Act (HR-3309), which House Judiciary Committee Chairman Bob Goodlatte, R-Va., introduced Wednesday -- but it’s unlikely to be a direct analog, patent debate participants told us in interviews last week. Goodlatte and Leahy have been closely coordinating the development of their separate bills, with Leahy saying soon after the Innovation Act’s introduction that he and Goodlatte “share a common goal” to curb abusive patent litigation and would continue to work on it going forward (CD Oct 24 p12).
Patent industry stakeholders should “stay tuned” for a pending U.S. Patent and Trademark Office rulemaking on the filing and disclosure of real-party-in-interest (RPI) patent ownership information, acting PTO Director Teresa Stanek Rea said Thursday. PTO is conducting the rulemaking process as part of its implementation of President Barack Obama’s set of executive actions to combat abusive patent litigation. The set of actions tasks PTO with creating rules that will require patent applicants and owners to regularly update ownership on file at PTO when they are involved in proceedings with the agency (CD June 5 p6).
House Judiciary Committee Chairman Bob Goodlatte, R-Va., formally introduced the Innovation Act (HR-3309) Wednesday, culminating what he called months of “collaborative” discussion about the best way to curb patent litigation abuse. The bill, which closely resembles a discussion draft Goodlatte released last month (CD Sept 24 p15), balances the need for “robust legal reform measures while protecting property rights,” he said during a news conference. The bill seeks to punish bad behavior rather than target specific types of companies, he said, noting that he and others use “patent troll” as an “adjective describing behavior rather than a noun."
The National Institute of Standards and Technology released the preliminary version of the Cybersecurity Framework Tuesday, meeting skepticism from some cybersecurity experts. Early reaction from industry groups praised NIST’s inclusion of industry in the framework’s development, but the groups said they needed to review the framework more thoroughly. NIST had said it wanted to release the new version for public comment as soon as possible since it missed its original Oct. 10 deadline because of the government shutdown. NIST said it believes it will be able to meet the February deadline to release a final version of the framework.