Matsui and Long Introduce Bipartisan Solution to Improve HHS' Cybersecurity
Matsui and Long Introduce Bipartisan Solution to Improve HHS’ Cybersecurity
Legislation Promotes Best Practices and Empowers Top HHS Cybersecurity Officer to Confront Cyber Threats
House Energy and Commerce Committee members Congresswoman Doris Matsui (D-CA) and Congressman Billy Long (R-MO) today introduced the HHS Data Protection Act. The legislation will establish the Office of the Chief Information Security Officer (CISO) within HHS, elevating the HHS CISO from where the position currently sits underneath HHS’ Chief Information Officer (CIO).
The legislation builds on the Obama Administration’s Cybersecurity National Action Plan, a comprehensive strategy for enhancing cybersecurity protections which recognizes the importance of a Chief Information Security Officer in improving cybersecurity capabilities. Earlier this year, the Administration created the position of the Federal Chief Information Security Officer, the first-ever dedicated senior official in the Administration focused exclusively on coordinating cybersecurity operations across the entire Federal domain.
“The integration of information technology into nearly every aspect of our daily lives means our security landscape has changed dramatically,” said Congresswoman Matsui. “As the network of cyber criminals becomes increasingly sophisticated, our operational structures and strategies must evolve accordingly. This common sense legislation incentivizes best security practices and encourages organizational efficiencies as our federal agencies continue to confront the modern threat environment.”
“It is impossible to completely eradicate the threat of cyber-attacks, but the American people deserve to know that their sensitive information is being safeguarded with the utmost security,” said Congressman Long. “In light of recent data breaches across America’s federal agencies, we have the responsibility to root out vulnerabilities and maximize data protection to give them that peace of mind.”
In August 2015, the majority staff of the Energy & Commerce Committee released a report on information security at FDA following a breach of its internal network. The report recommended that HHS separate the CISO from the CIO to ensure that information security is appropriately prioritized.
Click HERE to read the bill text.