The Cybersecurity Act of 2015 is the latest example for the House Homeland Security Committee.
The committee will hold the first of two hearings on the bill’s implementation this week. On June 15, the committee will hear industry’s perspective with representatives from the U.S. Chamber of Commerce, the U.S. Telecom Association and two vendors scheduled to testify.
Then on June 22, the Homeland Security Department and possibly others from the administration are expected to testify.
A committee aide said the goals for both hearings are simple: To find out what impact bill has had so far and what else is needed going forward.
If you remember, in many ways, the Cybersecurity Act of 2015 had been eight years in the making. The Obama administration has been pushing for major cyber legislation almost since it arrived in the White House.
The bill, passed in December as part of the omnibus spending package for fiscal 2016, gave DHS more authority and responsibility around the sharing of cyber threats, protecting the dot-gov domain and it also created liability protections for industry to make cyber collaboration easier.
Most recently, the committee continued to build on its cyber legacy, approving the Cybersecurity and Infrastructure Protection Agency Act of 2016. The bill, sponsored by McCaul, would reorganize and rename DHS’ National Programs and Protections Directorate.
Among the things the bill would do is redesignate NPPD to the Cybersecurity and Infrastructure Protection agency.
“This measure realigns and streamlines the department’s cybersecurity and infrastructure protection missions to more effectively protect the American public against cyber attacks that could cripple the nation,” McCaul said.
The legislation would create four divisions — cybersecurity, emergency communications, infrastructure protection and the Federal Protective Service.
Rep. Jim Langevin (D-R.I.), said the NPPD has seen increased activity and responsibility particularly over the dot-gov domain and around information sharing.
“NPPD is acting in an operational capacity today and it’s clear it’s out grown its current organizational structure as just a headquarters component,” he said.
DHS submitted its own legislative proposal to the committee in March to reorganize NPPD.
The committee aide said the DHS proposal was straightforward, just wanting to turn NPPD into an agency and change some aspects of the law to recognize the new agency.
The committee aide said lawmakers have had several discussions with DHS, private sector experts and former senior executives from DHS and particularly NPPD, as they developed the bill.
“We are about 90 percent in agreement on why we need a new agency and how it would be operational,” said the aide. “That other small 10 percent is how to get there. That’s where there are differences.”
The aide said the committee wants to more clearly define the authorities and mission of the new cyber agency.
“It’s a bit of a different approach, but we all want to get to the same goal,” the aide said.
The House committee has been in discussions with its Senate counterpart, the Homeland Security and Governmental Affairs Committee, about the bill.
The aide said Sen. Tom Carper (D-Del.) agrees with the administration’s approach to the reorg.
Sen. Ron Johnson (R-Ohio), the chairman of the committee, is looking more closely at the House’s version of the bill.
The aide said the committee hopes to get the bill to a vote by the full House in the coming weeks.