Federal Times Blogs
Sen. Joseph Lieberman, I-Conn., is confident the Senate will consider his controversial cybersecurity bill within the next month. Whether he has garnered enough support among divided lawmakers is another issue.
“I’m as confident as I can be that this will come up no later than July,” Lieberman told reporters at one of two cyber briefings by the Department of Homeland Security on Wednesday. Lieberman echoed intentions by Senate Majority Leader Harry Reid, D-Nev., to bring cyber legislation to the Senate floor as soon as possible.
The House passed the Cyber Intelligence Sharing and Protection Act (CISPA), HR 3523, in April, but Lieberman said his bill is the better bill. In a statement Wednesday he urged the Senate to pass the bill and iron out differences with the House.
Under Lieberman’s 2012 Cybersecurity Act, certain companies operating the nation’s electric grid, water supply and other critical systems would have to meet cybersecurity standards approved and enforced by DHS and share with the government all instances when they come under cyber attack.
But Congress is at odds about DHS regulating the security of some privately owned networks and whether the department is capable of taking on that role. The briefing on Capitol Hill was one of several that Lieberman hopes will change people’s perception of DHS and highlight its cyber defense capabilities.
“I want people to be confident that the folks at the department can handle it,” he said.
Mark Weatherford, DHS’ deputy under secretary for cybersecurity, said the department has the capacity and cybersecurity expertise in house as well as partnerships with the Defense Department and National Security Agency. He also refuted claims that DHS’ latest intrusion detection system, Einstein 3, may not be made available to agencies. DHS is considering how to deploy the system, he said.
Officials from DHS’ United States Computer Emergency Readiness Team demonstrated how easily hackers can gain control of a person’s computer through spear phishing — targeted emails crafted to convince an individual to divulge information or open malicious files.
The officials simulated how hackers might gather personal information from social networking sites to design a seemingly credible email. They planted malicious code into an email attachment using an open software tool called BackTrack5. By opening the corrupt file, victims can give attackers complete access to their computer, web camera, documents and other data.
The tool was created for security testing purposes but can also be used to launch intentional attacks.
Spear phishing is the most common form of cyber attack used against personal computers and critical cyber infrastructure, Lieberman said. He added that his bill would raise the defenses against these types of attacks through information sharing and security requirements. For example, the bill would likely require companies to create more complex passwords.
“Some just have the word password,” he said.
The Library of Congress said today it will preserve everything from a tinny 1888 recording of “Twinkle, Twinkle, Little Star” to Prince’s incendiary album “Purple Rain” as part of its latest slate of entries to the National Recording Registry.
The Library each year preserves 25 recordings it feels are “cultural, artistic and/or historical treasures for generations to come.” This year, a wide variety of recordings will be added, including:
- Bo Diddley’s songs “Bo Diddley” and “I’m A Man,”
- Sugarhill Gang’s “Rapper’s Delight,” recognized as the first hit rap song,
- Booker T and the MG’s “Green Onions,”
- Vince Guaraldi’s jazzy soundtrack to “A Charlie Brown Christmas,”
- Dolly Parton’s “Coat of Many Colors,”
- Parliament’s album “Mothership Connection,”
- A May 1977 concert by the Grateful Dead, and
- Donna Summer’s “I Feel Love.”
Thomas Edison recorded an anonymous employee singing “Twinkle Twinkle Little Star” for a talking doll. It may sound unnervingly spooky, but it is believed to be the first commercial children’s recording, and possibly the first time someone was paid to sing on record. The registry also has audio of former slaves telling their life stories, Leonard Bernstein’s debut performance with the New York Philharmonic, and journalist Edward R. Murrow.
The announced preservations of “I Feel Love” and “Green Onions” come not long after Summer and Donald “Duck” Dunn, bassist for Booker T and the MGs, passed away. The Associated Press reported that the Library had already chosen Summer’s song weeks before she died of cancer.
But I find the government’s enshrinement of the “Purple Rain” album somewhat ironic, given that its highly sexual song “Darling Nikki” led then-senator’s wife and future First Lady Tipper Gore to lead a campaign against smutty rock music.
To put you in the right frame of mind for your drive home, enjoy this 70s-tastic performance of “Rapper’s Delight.” Ho-tel, mo-tel, Holiday Inn!
Cybersecurity funding at the Department of Homeland Security would increase 63 percent from $459 million to $749 million under a proposed 2013 spending bill by the House Appropriations Committee.
The increase would fund new initiatives to improve federal network security and defend against foreign espionage, according to a committee press release. The House Homeland Security Appropriations Subcommittee will mark up the bill on Wednesday.
Cyber funding would be $20 million below the president’s $769 million request. Both the administration and some members of the Senate are backing legislation that would give DHS new authorities to regulate cybersecurity. The 2012 Cybersecurity Act, S 2105, would authorize the DHS to regulate security standards for certain privately owned critical networks, such as those affecting the power grid and other systems that, if attacked, would cause death, severe economic damage or national security risks.
Skeptics of DHS’ ability to regulate industry point to the department’s troubled chemical facility security program, or CFATS. Congress in 2007 directed DHS to beef up the physical security and cybersecurity of chemical facilities. But that program suffered from unstable leadership, inadequate training and poor hiring decisions.
The spending bill would provide $45 million for CFATS, $29 million below what was requested and $47 million below current spending levels. “This reduction is due to significant managerial problems, program delays and poor budget execution,” the news release said.
Two Republican congresswomen introduced a cybersecurity bill this week that promotes information sharing and aligns closely with legislation sponsored by Sen. John McCain, R-Ariz.
Reps. Mary Bono Mack, R-Calif., and Marsha Blackburn, R-Tenn., introduced the 2012 Strengthening and Enhancing Cybersecurity by Using Research, Education, Information, and Technology Act (SECURE IT), H.R. 4263, on Tuesday.
The bill would provide “explicit authorization for the private sector to defend its own networks and voluntarily share cyber threat information within the private sector and with the government – without the legal barriers that currently exist,” according to a news release.
Other measures include:
- Stiffer penalties for cyber criminals who hack into servers and steal personal information like credit card numbers and government documents.
- Better security of federal networks through reforms to the 2002 Federal Information Security Management Act.
- Advancement of cybersecurity research.
Spring Break fever was in the air today on Capitol Hill. Legislators have officially fled Washington D.C. and there will be no hearings until April 16th.
But before the final votes ensued, the Senate subcommittee on contracting oversight held a hearing where Senators McCaskill, Portman and Tester grilled witnesses from the Army, The Office of Personnel and Management and The Department of Homeland Security over contractor spending.
Meanwhile, Chairwoman McCaskill’s grandsons were in attendance. My guess is they are on their own Spring Break. They sat graciously through the hearing, only occasionally trying to sneak into my shot. I’m sure they were absolutely enthralled with the subject of Contractors: How Much Are They Costing the Government.
When Grandma adjourned the hearing she let the boys smack the gavel to officially call the hearing to a close – then they really spotted me. And as kids do, they hammed it up for the camera. So, cute.
The Office of Management and Budget wants Congress to reconsider a proposal to reduce how much contractors can charge the government for their executives’ compensation, an amount that is currently “unjustified and unnecessary,” the federal procurement chief said in a blog post this morning.
Under federal cost reimbursement contracts, agencies pay contractors for incurred costs, including salaries for executives and other employees. These costs usually show up in the overhead rates that contractors set. OMB caps how much contractors can charge the government for executive compensation based on what top private sector executives earn.
Contractors can currently ask the government to reimburse up to $693,951 for each of their top five executives. OMB will soon have to update that figure and the cap is expected to increase to $750,000.
The administration asked Congress last year to scrap the formula that sets the reimbursement cap and instead tie it to what the government pays its own top executives, about $200,000.
“Unfortunately, Congress failed to reform the current reimbursement formula for contractor executives and, until it does, taxpayers will continue to foot a bill that is both unjustified and unnecessary,” Lesley Field, acting administrator of OMB’s Office of Federal Procurement Policy, said in the post.
The administration has asked Congress to take another look at the formula and lower the compensation cap this year.
A cap on how much contractors can charge the government for their top execs would be extended to all defense contract employees as part of the agreement reached by House and Senate leaders for the 2012 National Defense Authorization Act.
Currently, contractors can seek reimbursement for the compensation — wages, salary, bonuses and deferred compensation — of each of the company’s top five executives. Legislation now proposed for the 2012 NDAA would extend that cap, which is now at $693,951, to all employees that work on a contract or are included in the overhead costs of a contract.
The Defense Department could also create an exemption for scientists and engineers if it determines that an exemption is necessary to attract skilled workers in those areas.
The Senate tried to lower the limit of the cap by tying it to the President’s salary, which is now $400,000. Sen. Barbara Boxer, who co-sponsored that language in the Senate bill, was disappointed by the change in the final version and said she will continue working on ways to “rein in exorbitant taxpayer-funded salaries for contractors.”
“It is outrageous that under this bill, defense contractors can continue to charge taxpayers $700,000 a year for their salaries,” she said in a statement.
Both the House and Senate now have to approve the agreements reached by the conference committee.
The proposed NDAA would also preempt any mandate by the President that would require contractors to disclose their political contributions before being awarded a federal contract. Both the House and Senate versions included identical language to prohibit agencies from requiring contractors to submit information about their political contributions at any time during the contract process.
A draft executive order that would have required such disclosure was leaked in April, but the White House has not said anything more than that it was under consideration.
Happy Friday! FedLine couldn’t let the week end without noting that the Congressional Research Service has a new permanent director. After serving as CRS’ acting chief since April, Mary Mazanec got the nod Monday from James Billington, the Librarian of Congress. Mazanec replaces Daniel Mulhollan, who retired.
“Dr. Mazanec has advanced degrees in law and medicine and brings a breadth of experience that will be valuable in leading CRS and ensuring that CRS continues to provide comprehensive and objective research and analysis that meets the needs of [members of Congress] and staff,” Billington said in a news release.
Mazanec previously worked at the Health and Human Services Department from 2002 to 2010, where she wound up her tenure as deputy assistant secretary and director of the Office of Medicine, Science and Public Health. She also served as a Senate staffer and as a senior policy analyst at the Medicare Payment Advisory Commission.
Her degrees include a bachelor of science from the University of Notre Dame, a doctor of medicine from Case Western Reserve University Medical School and a juris doctorate from Case Western Reserve University Law School.
Government contractors who blow the whistle on improper use of federal dollars or unethical behavior would be protected against retaliation under a bill introduced by Sen. Claire McCaskill, D-Mo.
Recent laws that extend protections to some contractors have created a patchwork of inadequate protections, McCaskill, chairwoman of the Senate Contracting Oversight Subcommittee, said during a hearing Tuesday.
For example, whistleblower provisions added for defense contractor employees in 2008 do not protect contractors from retaliation by a government official, nor do they cover subcontractors.
Senate Bill 241 would extend whistleblower protections to all government contractors and subcontractors, and consolidate some of the current whistleblower provisions for contractors.
McCaskill introduced the same bill in 2009.
Walter Tamosaitis, who worked for a subcontractor on an Energy Department nuclear waste treatment project in Hanford, Wash., testified that he was kicked off the project and moved to a basement office after he raised technical design problems that could cause safety issues. Addressing the concerns would have kept the prime contractor, Bechtel, from finishing on time and collecting a $5 million award fee, he said.
“It’s a very visible example of what happens when you speak up,” he said.
Tamosaitis is now taking Bechtel and the Energy Department to court. Bechtel National spokesman Jason Bohne said the company is contesting all allegations of wrongdoing in Tamosaitis’ case.
It’s all over but the shoutin’ for the supercommittee. Negotiations broke down over the weekend with the parties hopelessly divided over taxes, dooming any chance at finding $1.5 trillion in deficit reduction. Members resorted to pointing fingers at one another on talk shows yesterday, and the only discussions still going on are how to break the bad news to the American people.
Reason magazine’s Peter Suderman put it perfectly in a tweet Saturday: “Super Committee is apparently one of those newfangled indie comic books where the heroes think they have powers but don’t.”
This will mean — theoretically, at least — that $1.2 trillion must be cut from the federal budget under a process known as “sequestration.” Federal Times would like to hear from you about what this will mean for you and your agency. Are you already making plans for sequestration? What discussions have been going on in your budget offices? Are you being told to scale back your hiring in anticipation of the steep budget cuts? E-mail us at firstname.lastname@example.org or email@example.com. If you’d like to stay anonymous, that’s fine.
Even for a committee that nobody really expected would work, it’s an ignominious end. Perhaps when they finally throw in the towel, the supercommittee should play this sound:
FedLine: Treating Congress with the respect it deserves since 2008.