(Washington, DC)— The House Subcommittee on Economic Security, Infrastructure Protection and Cybersecurity, passed H.R. 285, the Cybersecurity Enhancement Act of 2005.

Chairman of the House Subcommittee on Economic Security, Infrastructure Protection and Cybersecurity Congressman Dan Lungren (R-CA) stated, “The majority of our nation’s critical technology infrastructure is outside of federal control – with 85% in private hands.  The Department of Homeland Security must work hand in hand with the private sector – not only because the majority of technical infrastructure is owned privately, but also because the private sector is at the forefront of innovative, productive, and efficient technologies to secure cyberspace and associated critical infrastructure.”

“It is difficult to measure the potential costs and probabilities of cyberattacks.  There are no standard methodologies for cost measurement – although 2003 loss estimates due to hostile digital acts range from $13 billion (worms and viruses only) to $226 billion for all forms of overt attacks.  Although accidental, the blackout of August 2003 may have cost about $6 to $10 billion for the entire U.S. economy alone, which accounted for 0.1% of GDP.  Clearly, if the attack had been deliberate, the potential loss would have been much worse.  An attack on the financial services sector or the stock market could have incalculable long-term economic repercussions for our nation’s financial security,” added Congressman Lungren.

Legislation calling for the creation of an Assistant Security of Cybersecurity was introduced earlier this year by Congressman Mac Thornberry – the former Subcommittee Chairman – and Congresswoman Zoe Lofgren, the former Ranking Member and currently a Member of the Subcommittee.

H.R. 285 will enhance the importance of cybersecurity within the Department of Homeland Security by creating a new position of Assistant Secretary for Cybersecurity.  The newly created position will empower the head of the National Cybersecurity Division with official responsibilities across the federal government and the private sector.

The bill also contains specific language that will outline the responsibilities of the Assistant Secretary – guiding the work that needs to be done to identify the threats and vulnerabilities, mitigate those vulnerabilities, institute a warning system, and be able to effectively and quickly respond to a cyberattack should one occur.  These statutory authorities will also serve to clarify within the Department of Homeland Security and for the outside world the role and responsibilities of the cybersecurity office.

###