The legislation is sponsored by Rep. Dan Lungren (R-Calif.), who is chairman of the subcommittee as well as a member of a House Republican cybersecurity task force that issued a report in October. The bill reflects the recommendations of the task force in that it emphasizes providing voluntary incentives to companies to improve cybersecurity, rather mandating protections.
At the same time, the bill contains some bait for the Democrats, such as tasking the Department of Homeland Security (DHS) with the responsibility for overseeing civilian cybersecurity efforts, as well as increased funding for cybersecurity research and development and greater authority for DHS to hire cybersecurity experts.
The legislation would also set up a National Information Sharing Organization, a quasi-government entity that would serve as a clearinghouse for the exchange of cyberthreat information.
The organization would be a nonprofit with an initial board of directors, selected by the homeland security secretary, made up of 10 private sector individuals and five federal officials. The private sector officials would represent the various critical infrastructure stakeholders and serve three-year terms with regular elections.
The government would contribute only 15% of the organization’s annual costs, with the bulk of the expenses coming from the private sector.