House Speaker John Boehner announced this week that four different bills touching on cyber security issues would shortly come up for a vote by the full House of Representatives. Notably, however, the "Promoting and Enhancing Cyber Security and Information Sharing Effectiveness Act" is not yet scheduled for a vote.
Also known as the ‘Precise Act’," the legislation has been before the Homeland Security Committee in the House recently. There, the committee removed provisions that would have granted the federal government broad new powers over private businesses. Specifically, the previous versions of the Precise Act would have allowed federal regulators to help set security standards for many privately managed and owned IT infrastructure systems. Under the original vision of the bill, the private businesses themselves would have participated in creating such standards; still, the Homeland Security Committee felt that even that process would veer too close to letting the government impose regulations that could one day become too onerous for private businesses to tolerate.
The four pieces of legislation that are due to come before the full House include the CISPO Act, which would allow private businesses to share information about the threat environment with government authorities as well as with other companies as needed. Such sharing would be voluntary. Another bill, known as the Cyber Security Enhancement Act, would assist that National Science Foundation and NIST to provide more awareness and education regarding cyber security issues.
Much of the cyber security legislation being debated and considered has strong implications for businesses that use a managed services model for IT support since IT security is one of the key elements provided via a managed services approach.