WASHINGTON, DC – As reported Friday morning by POLITICO, the Energy and Commerce Committee’s Oversight and Investigations Subcommittee released a new report outlining a robust strategy to improve our nation’s critical infrastructure cybersecurity.
The cumulative report, hailed as a “grand vision” in POLITICO’s Morning Cybersecurity, summarizes years of the subcommittee’s work analyzing certain cybersecurity issues with impacts across the Energy and Commerce Committee’s broad jurisdiction and identifies six priorities to address cybersecurity.
POLITICO writes, “Democrats may be more eager to propose new regulations when they take over the E&C gavel, but they aren’t likely to discard the strategies outlined in the report.”
House commerce panel outlines plan for ‘holistic and effective’ cyber strategy
The House Energy and Commerce Committee’s cybersecurity agenda for the next Congress includes public-private partnerships, transparency about software code, responsible vulnerability management and a common language for discussing digital flaws, the panel said in a report published Friday.
“There is no one ‘solution’ to cybersecurity, but instead discrete yet interdependent policies that together create a holistic and effective strategy for dealing with the realities of modern cyber threats and opportunities,” the Republican staff of the Oversight Subcommittee wrote in their report.
The subcommittee identified six priorities for the full committee to consider in the next Congress, from developing software ingredient lists to promoting coordinated vulnerability disclosure programs and open-source software.
The E&C report summarizes years of work by committee staffers to make progress on these issues in partnership with critical infrastructure sectors like the health care industry. It also discusses the subcommittee’s oversight of the troubled Common Vulnerabilities and Exposures program, which assigns unique identifiers to every digital vulnerability.
“The main goal of this report, and our main argument … is that we’ve got to change strategies,” a committee aide told POLITICO in an interview, because the current approach to cybersecurity “has not been the most effective.”
Click here to read the full article online.