Compliance Management, Industry Regulations

‘We’re ready for round two’: Gallagher and Langevin look toward more cyber legislation

The Cyber Solarium Commission, co-chaired by Rep. Michael Gallagher, R-Wis., suggested an officer akin to the White House trade advisor known as the national cyber director to head oversight and coordination. (U.S. Congress)

Reps. Mike Gallagher, R-Wis.., and Jim Langevin, D-R.I. — commissioners both — were optimistic about the continued contribution of the Cyber Solarium Commission in the year ahead during their keynote address at the RSA Conference.

A mix of politicians, private sector appointees, and academics, the bipartisan Solarium Commission was able to make nearly 30 recommendations that were passed into law — no small feat in the typically stagnant world of cyber policy. Gallagher, who co-chaired the commission with Sen. Angus King, I-Maine, credited the success to a deliberate decision to base the Solarium's final report around shovel ready suggestions.

"With four members of Congress on the commission, [we realized], we should write a report that's really a blueprint for legislative action," said Gallagher.

The commission was modeled after Eisenhower's Project Solarium for nuclear deterrence, the subject of Gallagher's doctoral thesis. The commission was created in the 2019 defense authorization bill, with its recommendations codified into law in the next year's defense authorization bill. Most notably, the commission's accepted recommendations included the national cyber director position, a long time priority of Langevin.

"There's still more work to be done and we're ready to go again for round two, in terms of legislation," said Langevin.

Langevin highlighted several priorities still unaddressed in the 2020 report, all of which echoed calls in Tuesday's RSA panel from fellow Commissioner Frank Cilluffo and R-Street Institute cyber policy expert Paul Rosenzweig.

Those priorities included a Bureau of Cyber Statistics, which would aggrigate breach information to allow federal and private security pros to make data-driven security decisions, designating the most critical infrastructure "systemically important" to receive special attention and a public private information sharing entity called the Joint Collaborative Environment.

Gallagher said the SolarWinds debacle, where vendor FireEye was first to sound the alarm, proved the criticality of the governments relationship with the private sector.

He said the commission, which was renewed in the 2020 Defense Authorization Act, is expected to work cooperatively with the Executive Branch, but would also keep a close eye on the Biden administration to make sure ideas passed into law are implemented correctly. While Biden has announced former-commissioner Chris Inglis as his pick for national cyber director, it came after a long delay, and some have worried about the NCD establishing itself as an office.

Asked about election security, a perennially blooming cybersecurity debate in Congress, Gallagher said making headway would be an option if Congress could adopt the shared-purpose bipartisanship of the Solarium Commission.

"I think you could have come into any of our commission meetings blindfolded and you wouldn't have known who the Democrats were or who the Republicans were," he said.

Joe Uchill

Joe is a senior reporter at SC Weekly, focused on policy issues. He previously covered cybersecurity for Axios, The Hill and the Christian Science Monitor’s short-lived Passcode website.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.