Sen. Lieberman is chairman of the Senate Homeland Security and Governmental Affairs Committee.
As part of my oversight duties as Chairman of the Homeland Security and Governmental Affairs Committee, I gaveled to order a closed hearing the other day to find out more about the Administration’s new cyber security plan, known as the Cyber Initiative. The plan, which has been kept under tight wrap, takes a government-wide approach to protecting the federal government’s information systems and databases. This means that many agencies will have newly defined responsibilities, which Congress needs to know about. Funding for the Department of Homeland Security (DHS) part of the initiative has tripled in the past year, and that too merits our close attention.
I have historically been concerned about our cyber vulnerabilities and have worked over the years to reduce them. The old Governmental Affairs Committee held a series of hearings on the issue before the terrorist attacks of September 11, 2001. I also began work on the E-Government Act, which contained within it the Federal Information Security and Management Act (FISMA), a provision establishing guidelines for computer security throughout the federal government. After the September 11 attacks, our need for cyber security became more urgent. For that reason, when we developed legislation to create DHS, we called for a national plan to track vulnerabilities in our information networks and to prevent, defend against, and recover from cyber attacks, In 2004, I wrote a strongly-worded letter complaining to then DHS Secretary Ridge about how little the Department had accomplished to reduce the threat to our computer-based infrastructure. At that point, DHS had neither identified nor prioritized cyber systems, much less moved to protect them. The next year, the Government Accountability Office issued a report confirming my earlier criticisms, saying that DHS had not fully addressed any of 13 chief cyber security tasks identified by GAO. Over the next few years, a number of cyber security breaches occurred at agencies such as the Veterans Administration and NASA, once again underscoring the urgent need to safeguard our information networks. And in 2007, GAO issued a report on government wide cyber security policy, as required by FISMA, finding “significant weaknesses