Tech groups praise parts of intelligence bill
But they still want the government's lead cybersecurity job elevated
IDG News Service - Technology trade groups cheered parts of a comprehensive intelligence reform bill that passed the U.S. Congress yesterday, including a provision that could speed up the federal government's security clearance process for IT vendors and contractors.
But the bill, passed by the U.S. House of Representatives on Tuesday and by the Senate yesterday, was stripped of language that would have elevated the lead cybersecurity position at the U.S. Department of Homeland Security from a director-level position to an assistant secretary.
The Information Technology Association of America (ITAA) said it was "dismayed" that congressional negotiators took out the assistant secretary language. The trade group and other organizations have called on Congress to elevate the position because they believe that it's too low in the agency to push cybersecurity goals in the public and private sectors.
The Arlington, Va.-based ITAA called on Congress to elevate the position as soon as possible next year.
The ITAA cheered other parts of the intelligence reform bill, known as the National Intelligence Reform Act. The bill would help speed along security clearances for IT vendors and contractors working with the U.S. Department of Defense or intelligence agencies, said Bob Cohen, senior vice president at the ITAA.
It can take more than 12 months to approve a new top-secret Defense Department clearance for someone with limited foreign travel experience and no credit or police problems, according to the ITAA. The delays are a "very big problem" for IT companies that want to do work for the Defense Department and other agencies, Cohen said.
The intelligence bill creates a National Intelligence Directorate (NID). The directorate's responsibilities include developing background-check policies. In conjunction with the White House, the NID deputy director is supposed to appoint a single federal agency to conduct background investigations. However, the director will also be able to grant waivers to specific agencies that need to conduct their own investigations for reasons of efficiency or national security.
Right now, most U.S. intelligence agencies conduct their own security clearances and have differing procedures, Cohen said.
The intelligence bill also allows security-clearance reciprocity between agencies for the first time, Cohen said. For example, an IT contractor with FBI clearance could work for the CIA without getting a new clearance. "We can't be bogged down in red tape," he added. "[The old system] stalls programs because companies can't get their people in place."
The Business Software Alliance praised the intelligence bill for creating a director of science and technology to advise the new director of national intelligence on the use of technology in intelligence matters.
The Washington-based alliance also praisedprovisions to update the FBI's IT structure to lead digital efforts against terrorist threats, use technology to protect U.S. airports and borders, and implement enhanced travel screening.
- Big Data, Big Mess: Sound Risk Intelligence Through Complete Context This paper examines the insecurity of the small businesses in the supply chain and offers tips to close those backdoors into the enterprise.
- Using Cyber Insurance and Cybercrime Data to Limit Your Business Risk This paper examines the challenges of understanding cyber risks, the importance of having the right cyber risk intelligence, and how to use this...
- 5 Tips to Secure Small Business Backdoors in the Enterprise Supply Chain This paper examines the insecurity of the small businesses in the supply chain and offers tips to close those backdoors into the enterprise.
- Confront consumerization with convergence Virtualization expert Elias Khnaser spotlights the security, compliance, and governance issues that arise when enterprise users "consumerize" with shadow IT and public cloud...
- NSS Labs & Cisco Present: Evaluating Leading Breach Detection Systems Today's constantly evolving advanced malware and APTs can evade point-in-time defenses to penetrate networks. Security professionals must evolve their strategy in lockstep to...
- Will the Real Endpoint Threat Detection and Response Please Stand Up? This webinar explores new technologies & process for protecting endpoints from advanced attackers as well as the innovations that are pushing the envelope... All Gov't Legislation/Regulation White Papers | Webcasts