National Cyber Director (NCD) Harry Coker Wednesday urged Congress to pass bipartisan legislation that would bolster the Biden administration’s efforts to harmonize cybersecurity regulations across the Federal government.
Sens. Gary Peters, D-Mich., and James Lankford, R-Okla., introduced the ‘‘Streamlining Federal Cybersecurity Regulations Act” – and moved it out of the Senate Homeland Security and Governmental Affairs Committee in July. The bill would task the NCD to lead a regulation harmonization committee.
The committee – composed of the head of each regulatory agency – would publish a framework for achieving cyber harmonization within a year after the bill is passed.
“There is some very important legislation that would greatly help our ability to streamline well-meaning regulations to provide more security for the American people and more clarity and efficacy for American companies,” Coker said during his keynote at the Conference on Cyber Regulation and Harmonization – co-hosted by Columbia University and New York State on Nov. 13.
“I am personally so grateful to Chairman Peters and Senator Lankford, who have joined our efforts to effect real change in the regulatory landscape,” Coker continued. “Their bill, one that is bipartisan, would bring all relevant parties, including the independent regulators, to the table to make policy. It would charge us collectively with creating a structure for regulatory harmonization and reciprocity that could serve as a model going forward. And I’m eager for Congress to pass this bill.”
With the release of its National Cybersecurity Strategy Implementation Plan in July 2023, ONCD is spearheading the large and potentially thorny task that sits at the very top of the list for implementing the White House’s National Cybersecurity Strategy – harmonizing cybersecurity regulations – a process that may take years to complete.
ONCD announced earlier this summer that it is building a pilot reciprocity framework to be used in a critical infrastructure subsector which will give it “valuable insights” into how to best design a harmonized cybersecurity regulatory approach.
The new pilot is based off the findings from responses from its July 2023 request for information that sought input from stakeholders to understand existing challenges with cybersecurity regulatory overlap and inconsistency. ONCD received more than 2,000 pages in responses from 86 organizations representing 11 of the 16 critical infrastructure sectors.
Assistant NCD for Cyber Policy and Programs Nick Leiserson – who has been ONCD’s public face for cyber harmonization and reciprocity – urged Congress to pass Sen. Peters’ bill by the end of this year.
“If we can get that done this year, that will really help by getting all of the relevant parties,” he said during a separate panel of the Columbia event Wednesday. “There is a lot of good reason to think that this will continue to be a topic that goes forward [in the next administration].”
Coker echoed Leiserson’s sentiment, noting that “cybersecurity has always been a nonpartisan issue, and I expect that it will stay that way.”
“So regardless of who is in the White House or who is in Congress, I have an abiding faith that we will continue to invest in cybersecurity, partner with critical infrastructure owners and operators, and continue to work together to find reasonable solutions that will best protect American people while allowing our economy to continue to prosper,” Coker concluded.
