"This is a small but encouraging sign that Congress is waking up to the reality that cybersecurity is national security."

U.S. Senator Ben Sasse, a member of the Senate Homeland Security Committee, issued the following statement after President Obama signed his legislation, introduced in the wake of a hack of the United States Census Bureau. This is Sasse’s first piece of legislation to become law.

"This is a small but encouraging sign that Congress is waking up to the reality that cybersecurity is national security. We still need to go big. This is an important defensive action for one agency that should set the table for a serious conversation. Washington is overdue for a top-to-bottom overhaul of our cyber vulnerabilities, our defenses, and our offensive doctrine."

Background:

Last night, President Obama signed H.R. 3116, the Quarterly Financial Report Reauthorization Act. The law includes an amendment authored by Senator Sasse which requires the Commerce Department to thoroughly review the Census Bureau’s actions in light of recent breaches at OPM and report back to Congress.

In July, hackers breached the Census Bureau. This news followed the announcement that a malicious attacker—likely the Chinese government—breached OPM and stole information on 22 million Americans, including many security clearance holders.

The report would require the Secretary of the Commerce Department to: (1) identify sensitive information systems at Census; (2) describe what steps have been taken to protect that information in light of the OPM breaches; (3) identify any known breaches of Census information; and (4) identify if any Census information could be used for a classified mosaic (a piecing together of information from a variety of databases—even unclassified ones—that an adversary could use to build a picture that is damaging to our own national security).