Langevin Statement on Cybersecurity National Action Plan

Statement

Congressman Jim Langevin (D-RI), who co-founded and co-chairs the Congressional Cybersecurity Caucus, issued the following statement in response to President Barack Obama's Cybersecurity National Action Plan (CNAP) to implement a short- and long-term strategy to strengthen our nation's cyber defenses:

"For nearly a decade, I have been committed to improving cybersecurity and raising awareness of the economic and national security threats we face in cyberspace. Our nation's increasing reliance on technology for everything from personal banking to critical infrastructure to connected cars, has greatly benefited our economy and quality of life, but it has also left us at great risk of attack. Each day, our government and our citizens face attacks that compromise our privacy, rob us of intellectual property and threaten the financial security of all Americans. We also face a growing threat to our physical security from malicious actors interested in sabotaging our electric grid and water supply. The momentum for stronger cybersecurity continues to build, but we must take bold action if we are to mitigate cyber risks and keep up with an ever-changing technology landscape.

"I am hopeful and confident that this bold action starts today. President Obama's proposal charts a path forward and invests $19 billion in cybersecurity -- a 35 percent increase that demonstrates a commitment on behalf of the Administration to make meaningful progress in this area. This infusion of funds is sorely needed, especially the $3.1 billion designated to kickstart the modernization of outdated government IT systems, an initiative that will pay for itself through increased efficiencies while dramatically increasing security.

"I am particularly pleased with the focus on providing a more centralized cyber leadership within the government, a structure I have championed in my Executive Cyberspace Coordination Act. While I continue to remain concerned about the lack of independent review of agency budgets, the creation of a Federal Chief Information Security Officer position should help raise the profile of cybersecurity within the Office of Management and Budget and provide a single focus for managing operations across the government. I am also thrilled with the forthcoming establishment of a Commission on Enhancing National Cybersecurity to help lay the groundwork for the next President and provide guidance on the transition to a holistic, enterprise-level approach to securing the .gov domain. Through my experience on the CSIS Commission on Cybersecurity for the 44th Presidency, I know how valuable the voices of business and technology leaders can be in soliciting feedback on future action.

"Planning for the future also requires strong investment in research and development, and I commend the Administration's new strategic plan for cybersecurity R&D. Only by appropriately prioritizing research dollars to support fundamental studies into topics such as cybersecurity efficacy, human factors, and risk management can we begin to remove the asymmetric advantage currently enjoyed by attackers. Successful R&D must be done in close collaboration with the private sector, which is why I particularly look forward to continued development of the National Center for Cybersecurity Resilience, designed to allow companies to test industrial control systems on a model electric grid, and initiatives to encourage auditing of the open source tools that are the bedrock of so many technologies we use today.

"Of course, none of these initiatives will be successful without a trained workforce to implement them. As a longtime supporter of the CyberCorps: Scholarships for Service program, I am excited at the prospect of recruiting alumni to serve as a "cyber reserve," and I believe the continued expansion of the National Centers for Academic Excellence in Cybersecurity program is essential to addressing our workforce deficit. Of course, every worker, from the board room to the mail room, has some responsibility for cybersecurity, which is why I echo the President's call to activate two-factor authentication on sensitive accounts.

"While the President has laid out an ambitious agenda, it is up to Congress to follow through with the resources and legal authorities required to implement it. We must also ensure that, even as we tighten the federal government's internal cybersecurity, we continue to look outward to our partners, domestically and internationally, to raise the defenses of all our networks. Cybersecurity is a complex and constantly evolving challenge, and our strategy must evolve accordingly. The President's 2017 budget request reflects an appropriate strategic adjustment to the debacle that was the breach of Office of Personnel Management systems earlier this year. While I commend his efforts, I hope we will leverage this increased attention to address the challenges of tomorrow, not just those of yesterday."

Source