Consolidating Federal Powers Against Cyber-Threats
Marc Ambinder reads the text of a bill Sen. Joe Lieberman (I-Conn.) intends to release today to clarify an organizational structure within the Department of Homeland Security for safeguarding civilian cyber-infrastructure. He focuses on this provision:
The President must notify Congress in advance about the threat and the emergency measures that will be taken to mitigate it. Any emergency measures imposed must be the least disruptive necessary to respond to the threat. These emergency measures will expire after 30 days unless the President orders an extension. The bill does not authorize any new surveillance authorities, or permit the government to “take over” private networks.
Something I’ll be reading for: what the bill says about the military’s new Cyber Command operating in support of the Department of Homeland Security. Previous testimony from Gen. Keith Alexander, CYBERCOM’s chief and the head of the National Security Agency, indicated that the military should only get involved in cyber attacks on civilian infrastructure in cases of real emergency. But the framework for judging “real emergency” has been To Be Determined for some time now.