cybersecurity: growth catalysts and legislation
TRANSCRIPT
DEFINING CYBERSECURITYGROWTH CATALYSTS & LEGISLATION
DEFINING CYBERSECURITY
The current policy funding and policy landscape surrounding cybersecurity initiatives and funding is convoluted with handfuls of proposed bills, enacted laws, confusing funding requests and unique agency perspectives. To help cut through the confusion and political chatter, we have provided a small list of federal initiatives surrounding cybersecurity that have had (or will likely have) direct effects on real estate as well as the agencies that will drive these initiatives forward.
GROWTH CATALYSTS & LEGISLATION
DEFINING CYBERSECURITYRECENT LEGISLATION
WH
Y
DEFINING CYBERSECURITY
Capitol Hill has been aware of the importance of protecting America’s military and domestic technology infrastructure for some time but the focus has sharpened and gained momentum since the beginning of this decade. This legislative history of cybersecurity is described in detail below, but the most compelling aspect of the set of policy initiatives is the level of funding commitment represented. In an era when both Republicans and Democrats are seeking to minimize federal spending at home and abroad, the resources allocated to fighting cyber threats provide evidence of real and enduring financial commitment.
The Workforce Recruitment and Retention Act of 2014 stands to possibly be a transformational piece of legislation for the Washington regional economy. Similar to the migration of talent into the region during the Stimulus Boom of 2008 through 2010, if the Government prioritizes attracting top tech talent through offering compensation packages comparable to the private sector, every sector of the DC metro economy could be affected—from multi-housing to retail to, most notably, commercial office.
LEGISLATIVE IMPACT ON REAL ESTATE?WH
Y
Declassified in 2010, the Comprehensive National Cybersecurity Initiative (CNCI) was launched in January of 2008 to protect government computer systems and begin to address the protection of private sector cyber systems. CNCI covers a range of programs—from research and development and promoting cyber education to the first complex federal effort to develop deterrence strategies in cyberspace. Some of CNCI remains classified, such as detailed descriptions of the government's cyber offense capabilities. Additionally, the declassification of CNCI was the first federal public disclosure of the role of the National Security Agency in one monitoring program—three years before the Edward Snowden leaks. CNCI laid the bedrock for most cyber related federal expansion in 2009 and beyond.
COMPREHENSIVE NATIONALCYBERSECURITY INITIATIVE
This 2013 Executive Order further solidified the Department of Homeland Security (DHS) as the primary shepherd of civilian focused cybersecurity operations for the federal government. While the Department of Defense had enjoyed over a decade of aggressive cyber expansion, organizing and expanding the civilian side of federal cyber was still in its infancy—and it now had a face: DHS. The Improving Critical Infrastructure Cybersecurity aimed to promote and incentivize the adoption of cybersecurity practices across all Executive Branch agencies. The Executive Order directed agency heads to work with DHS to share information regarding cyberthreats and security. Additionally, the Executive Order laid down some groundwork for protecting citizen privacy and civil liberties through regulation suggestions. Simultaneous to releasing the above Executive Order, the Obama Administration released a 2013 Presidential Policy Directive (PPD) titled “Critical Infrastructure Security and Resilience” designed to strengthen the physical and cyber resilience of the nation’s critical infrastructure.
EXECUTIVE ORDER: IMPROVING CRITICAL INFRASTRUCTURE CYBERSECURITY
Probably the single best harbinger of bipartisan support for federal cyber expansion, this 2014 Act was passed in the Democratic controlled Senate and then, within the same week, was passed unanimously in a Republican controlled House. The Act was heralded as the most significant cyber bill to pass Congress in over a decade. The main aim of the Act was to codify the existing cybersecurity and communications operations center at DHS, known as the National Cybersecurity and Communications Integration Center (NCCIC). NCCIC provides a platform for the government and private sector to share information about cybersecurity threats, incident response and technical assistance. The Act requires NCCIC to include representatives of federal agencies, state and local governments and private sector owners and operators of critical information systems. The Act also delegates implementation authority for defense-related and intelligence-related information security to the Secretary of Defense and the Director of National Intelligence, respectively.
NATIONAL CYBERSECURITYPROTECTION ACT
The DHS Cybersecurity Workforce Recruitment and Retention Act focuses on strengthening the federal government’s cybersecurity workforce. The bill aims at improving hiring procedures and compensation ranges for cybersecurity positions at DHS. Under the provisions of the bill, DHS is required to pay cybersecurity workers similar to the salary that cybersecurity positions receive in the Defense Department. The bill also requires DHS to file annual reports on its recruitment and retention of cybersecurity workers. The bill (and its sister bill, the Cybersecurity Workforce Assessment Act) have been passed both the House and the Senate and await the President’s signature. The later bill would require DHS to conduct an assessment of its cybersecurity workforce every three years, in addition to developing a strategy for enhancing the recruitment and training of cybersecurity employees. Both bills would boost DHS’ ability to competitively hire cybersecurity professionals, a boon for DHS’ future leased space needs.
DHS CYBERSECURITY WORKFORCERECRUITMENT AND RETENTION ACT
WH
Y
DEFINING CYBERSECURITYCYBERSECURITY GROWTH CATALYSTS
WH
Y
DEFINING CYBERSECURITY
Four major agencies are mandated and funded by Congress to protect the homeland and roll out new programs to other agencies. These agencies will continue to lead federal growth and expansion over the next decade.
CYBERSECURITY GROWTH CATALYSTS
MILITA
RY
NO
N-M
ILITAR
Y
SPEN
DIN
G
FOR MORE CYBERSECURITY RESOURCES FOR GOVERNMENT REAL ESTATE INVESTORS, VISIT
JLL.COM/CYBERSECURITY