DEFINING CYBERSECURITY GROWTH CATALYSTS & LEGISLATION

Transcription

1 DEFINING CYBERSECURITY GROWTH CATALYSTS & LEGISLATION

2 GROWTH CATALYSTS & LEGISLATION The current policy funding and policy landscape surrounding cybersecurity initiatives and funding is convoluted with handfuls of proposed bills, enacted laws, confusing funding requests and unique agency perspectives. To help cut through the confusion and political chatter, we have provided a small list of federal initiatives surrounding cybersecurity that have had (or will likely have) direct effects on real estate as well as the agencies that will drive these initiatives forward.

3 DEFINING CYBERSECURITY RECENT LEGISLATION

4 LEGISLATIVE IMPACT ON REAL ESTATE? WHY Capitol Hill has been aware of the importance of protecting America s military and domestic technology infrastructure for some time but the focus has sharpened and gained momentum since the beginning of this decade. This legislative history of cybersecurity is described in detail below, but the most compelling aspect of the set of policy initiatives is the level of funding commitment represented. In an era when both Republicans and Democrats are seeking to minimize federal spending at home and abroad, the resources allocated to fighting cyber threats provide evidence of real and enduring financial commitment. The Workforce Recruitment and Retention Act of 2014 stands to possibly be a transformational piece of legislation for the Washington regional economy. Similar to the migration of talent into the region during the Stimulus Boom of 2008 through 2010, if the Government prioritizes attracting top tech talent through offering compensation packages comparable to the private sector, every sector of the DC metro economy could be affected from multi-housing to retail to, most notably, commercial office.

5 COMPREHENSIVE NATIONAL CYBERSECURITY INITIATIVE Declassified in 2010, the Comprehensive National Cybersecurity Initiative (CNCI) was launched in January of 2008 to protect government computer systems and begin to address the protection of private sector cyber systems. CNCI covers a range of programs from research and development and promoting cyber education to the first complex federal effort to develop deterrence strategies in cyberspace. Some of CNCI remains classified, such as detailed descriptions of the government's cyber offense capabilities. Additionally, the declassification of CNCI was the first federal public disclosure of the role of the National Security Agency in one monitoring program three years before the Edward Snowden leaks. CNCI laid the bedrock for most cyber related federal expansion in 2009 and beyond.

6 EXECUTIVE ORDER: IMPROVING CRITICAL INFRASTRUCTURE CYBERSECURITY This 2013 Executive Order further solidified the Department of Homeland Security (DHS) as the primary shepherd of civilian focused cybersecurity operations for the federal government. While the Department of Defense had enjoyed over a decade of aggressive cyber expansion, organizing and expanding the civilian side of federal cyber was still in its infancy and it now had a face: DHS. The Improving Critical Infrastructure Cybersecurity aimed to promote and incentivize the adoption of cybersecurity practices across all Executive Branch agencies. The Executive Order directed agency heads to work with DHS to share information regarding cyberthreats and security. Additionally, the Executive Order laid down some groundwork for protecting citizen privacy and civil liberties through regulation suggestions. Simultaneous to releasing the above Executive Order, the Obama Administration released a 2013 Presidential Policy Directive (PPD) titled Critical Infrastructure Security and Resilience designed to strengthen the physical and cyber resilience of the nation s critical infrastructure.

7 NATIONAL CYBERSECURITY PROTECTION ACT Probably the single best harbinger of bipartisan support for federal cyber expansion, this 2014 Act was passed in the Democratic controlled Senate and then, within the same week, was passed unanimously in a Republican controlled House. The Act was heralded as the most significant cyber bill to pass Congress in over a decade. The main aim of the Act was to codify the existing cybersecurity and communications operations center at DHS, known as the National Cybersecurity and Communications Integration Center (NCCIC). NCCIC provides a platform for the government and private sector to share information about cybersecurity threats, incident response and technical assistance. The Act requires NCCIC to include representatives of federal agencies, state and local governments and private sector owners and operators of critical information systems. The Act also delegates implementation authority for defense-related and intelligence-related information security to the Secretary of Defense and the Director of National Intelligence, respectively.

8 DHS CYBERSECURITY WORKFORCE RECRUITMENT AND RETENTION ACT The DHS Cybersecurity Workforce Recruitment and Retention Act focuses on strengthening the federal government s cybersecurity workforce. The bill aims at improving hiring procedures and compensation ranges for cybersecurity positions at DHS. Under the provisions of the bill, DHS is required to pay cybersecurity workers similar to the salary that cybersecurity positions receive in the Defense Department. The bill also requires DHS to file annual reports on its recruitment and retention of cybersecurity workers. The bill (and its sister bill, the Cybersecurity Workforce Assessment Act) have been passed both the House and the Senate and await the President s signature. The later bill would require DHS to conduct an assessment of its cybersecurity workforce every three years, in addition to developing a strategy for enhancing the recruitment and training of cybersecurity employees. Both bills would boost DHS ability to competitively hire cybersecurity professionals, a boon for DHS future leased space needs.

9 DEFINING CYBERSECURITY CYBERSECURITY GROWTH CATALYSTS

10 CYBERSECURIT Y GROWTH CATALYSTS Four major agencies are mandated and funded by Congress to protect the homeland and roll out new programs to other agencies. These agencies will continue to lead federal growth and expansion over the next decade. MILITARY NON-MILITARY SPENDING

11 FOR MORE CYBERSECURITY RESOURCES FOR GOVERNMENT REAL ESTATE INVESTORS, VISIT JLL.COM/CYBERSECURITY