Greetings folks, it's a pleasure to be taking up residence next to Tony here at Hillicon Valley. My name is Gautham Nagesh and I come to you from Government Executive magazine, where I covered technology in the executive branch, with a short pit stop at the Daily Caller to write about national politics.
One piece of interesting news this afternoon from the House Committee on Oversight and Government Reform: the management subcommittee has reported a bill this afternoon that would considerably beef up the federal government's efforts to secure its networks. In addition to increasing the monitoring requirements for agencies, the bill would also require a permanent national office to oversee cybersecurity, building on President Obama's appointment last year of the nation's first cyber security czar Howard Schmidt. Schmidt's appointment came after months of speculation on the relative influence of the position; it will be worth tracking this legislation to see if it finally gives the cyber czar some ability to affect change instead of simply making recommendations.
Here's the full email from the subcommittee (emphasis mine):
Technology. The House Oversight and Government Reform Government Management Subcommittee today reported legislation mandating the creation of a permanent national office for cyberspace within the White House to oversee federal agency efforts to protect computer systems from terrorist attacks and other threats. Under the bill, which cleared the subpanel on a voice vote, the office would have a Senate-confirmed director and include a panel of government information technology experts tasked with guiding agency programs to tighten their computer security systems. The legislation would effectively institutionalize the White House Office of Cyber-Security Coordinator created by President Obama by executive order last year and now headed by Howard Schmidt, a veteran computer industry official who served as an adviser to President George W. Bush. The legislation would also direct agencies to develop automatic systems for continuously monitoring their computer networks for deficiencies and risks instead of - as they are required to do now - filing annual reports showing compliance with the standards of the Federal Information Security Management Act.