Primary Sources

House Resolution 624, Cyber Intelligence Sharing and Protection Act (CISPA)

The House of Representatives introduced CISPA on February 13, 2013 and passed it on April 18, 2013, but did not pass the Senate. The full title is "to provide for the sharing of certain cyber threat intelligence and cyber threat information between the intelligence community and cybersecurity entities, and for other purposes." Related acts include Stop Online Piracy Act (SOPA), PROTECT IP Act (PIPA), and Online Protection and Enforcement of Digital Trade Act (OPEN Act). The Senate passed a similar bill, Cybersecurity Information Sharing Act of 2015, in October 2015.

See more in United States; Cybersecurity; Intelligence

Primary Sources

Homeland Security Advisory Council: Cyber Skills Task Force Report

On June 6, 2012, Secretary of Homeland Security Janet Napolitano announced the formation of
Task Force on CyberSkills, which would "identify the best ways DHS can foster the development of a national security workforce capable of meeting current and future cybersecurity challenges; and second, to outline how DHS can improve its capability to recruit and retain that sophisticated cybersecurity talent."

See more in United States; Cybersecurity; Labor

Primary Sources

U.S. Department of Homeland Security: Ethical Principles Guiding Information and Communication Technology Research (Menlo Report)

Published in December 2011 and amended in August 2012, the Department of Homeland Security proposed a framework for ethical guidelines for computer and information security research. The framework was informed by the three principles of the 1979 Belmont Report for ethical research in the biomedical and behavioral sciences, Respect for Persons, Beneficence, and Justice. The Menlo Report adds the principle Respect for Law and Public Interest.

See more in United States; Internet Policy; Cybersecurity

Primary Sources

Cybersecurity Act of 2012 (Proposed)

The Cybersecurity Act of 2012 (S. 2105) was introduced by Senator Joseph Lieberman in the U.S. Senate on February 14, 2012.

The summary states, "Directs the Secretary of Homeland Security (DHS), in consultation with owners and operators of critical infrastructure, the Critical Infrastructure Partnership Advisory Council, and other federal agencies and private sector entities, to: (1) to conduct a top-level assessment of cybersecurity risks to determine which sectors face the greatest immediate risk, and beginning with the sectors identified as having the highest priority, conduct, on a sector-by-sector basis, cyber risk assessments of the critical infrastructure; (2) establish a procedure for the designation of critical infrastructure; (3) identify or develop risk-based cybersecurity performance requirements; and (4) implement cyber response and restoration plans. Sets forth requirements for securing critical infrastructure, including notification of cyber risks and threats and reporting of significant cyber incidents affecting critical infrastructure."

See more in Cybersecurity; United States

Primary Sources

Trustworthy Cyberspace: Strategic Plan for the Federal Cybersecurity Research and Development Program

The foreward of this National Science and Technology Council strategy document, written by John P. Holdren (Assistant to the President for Science and Technology and Director, Office of Science and Technology Policy) states,

"This report, Trustworthy Cyberspace: Strategic Plan for the Federal Cybersecurity Research and Development Program was developed by the NITRD agencies and directly responds to the need for a new cybersecurity R&D strategy. As recommended in the CyberspacePolicy Review's near-term action plan, Trustworthy Cyberspace replaces the piecemeal approaches of the past with a set of coordinated research priorities whose promise is to "change the game," resulting in a trustworthy cyberspace. As called for in the policy review's mid-term action plan, this plan identifies opportunities to engage the private sector in activities for transitioning promising R&D into practice. In addition, and consistent with the PCAST recommendations, it prioritizes the development of a "science of security" to derive first principles and the fundamental building blocks of security and trustworthiness.

I am pleased to commend this Federal cybersecurity R&D strategic plan as part of the Administration's comprehensive effort to secure the future of the Nation's digital infrastructure."

See more in Cybersecurity; United States