PO BOX 4352

Sevierville, TN 37864

Electronic Mail

JONATHAN@LULICH.US

(M) 865-446-0384

M-S 8 AM to 6 PM EST

Category

Category Archive Cybersecurity

Congress.gov

From the US Congress: Improving Digital Identity Act of 2023

From congress.gov/bill/118th-congress/senate-bill/884/text

Reported to Senate (07/11/2023)

Calendar No. 129

118th CONGRESS
1st Session

S. 884

[Report No. 118–57]

To establish a Government-wide approach to improving digital identity, and for other purposes.


IN THE SENATE OF THE UNITED STATES

March 21, 2023

Ms. Sinema (for herself and Ms. Lummis) introduced the following bill; which was read twice and referred to the Committee on Homeland Security and Governmental Affairs

July 11, 2023

Reported by Mr. Peters, with amendments

[Omit the part struck through and insert the part printed in italic]


A BILL

To establish a Government-wide approach to improving digital identity, and for other purposes.

Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,

SECTION 1. SHORT TITLE.

This Act may be cited as the “Improving Digital Identity Act of 2023”.

SEC. 2. FINDINGS.

Congress finds the following:

(1) The lack of an easy, affordable, reliable, and secure way for organizations, businesses, and government agencies to identify whether an individual is who they claim to be online creates an attack vector that is widely exploited by adversaries in cyberspace and precludes many high-value transactions from being available online.

(2) Incidents of identity theft and identity fraud continue to rise in the United States, where more than 293,000,000 people were impacted by data breaches in 2021.

(3) Since 2017, losses resulting from identity fraud have increased by 333 percent, and, in 2020, those losses totaled $56,000,000,000.

(4) The Director of the Treasury Department Financial Crimes Enforcement Network of the Department of the Treasury has stated that the abuse of personally identifiable information and other building blocks of identity is a key enabler behind much of the fraud and cybercrime affecting the United States today.

(5) The inadequacy of current digital identity solutions degrades security and privacy for all people in the United States, and next generation solutions are needed that improve security, privacy, equity, and accessibility.

(6) Government entities, as authoritative issuers of identity in the United States, are uniquely positioned to deliver critical components that address deficiencies in the digital identity infrastructure of the United States and augment private sector digital identity and authentication solutions.

Read more: From the US Congress: Improving Digital Identity Act of 2023
The White House - Washington

From The White House: Executive Order on Improving the Nation’s Cybersecurity

From the White House Briefing Room – Presidential Actions

whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity/

By the authority vested in me as President by the Constitution and the laws of the United States of America, it is hereby ordered as follows:

Section 1.  Policy.  The United States faces persistent and increasingly sophisticated malicious cyber campaigns that threaten the public sector, the private sector, and ultimately the American people’s security and privacy.  The Federal Government must improve its efforts to identify, deter, protect against, detect, and respond to these actions and actors.  The Federal Government must also carefully examine what occurred during any major cyber incident and apply lessons learned.  But cybersecurity requires more than government action.  Protecting our Nation from malicious cyber actors requires the Federal Government to partner with the private sector.  The private sector must adapt to the continuously changing threat environment, ensure its products are built and operate securely, and partner with the Federal Government to foster a more secure cyberspace.  In the end, the trust we place in our digital infrastructure should be proportional to how trustworthy and transparent that infrastructure is, and to the consequences we will incur if that trust is misplaced.

Incremental improvements will not give us the security we need; instead, the Federal Government needs to make bold changes and significant investments in order to defend the vital institutions that underpin the American way of life.  The Federal Government must bring to bear the full scope of its authorities and resources to protect and secure its computer systems, whether they are cloud-based, on-premises, or hybrid.  The scope of protection and security must include systems that process data (information technology (IT)) and those that run the vital machinery that ensures our safety (operational technology (OT)). 

It is the policy of my Administration that the prevention, detection, assessment, and remediation of cyber incidents is a top priority and essential to national and economic security.  The Federal Government must lead by example.  All Federal Information Systems should meet or exceed the standards and requirements for cybersecurity set forth in and issued pursuant to this order.

Read more: From The White House: Executive Order on Improving the Nation’s Cybersecurity