Four Bills to Strengthen Nation’s Cyber Defenses Head to President’s Desk

House approves bills to codify National Cybersecurity and Communications Integration Center, modernize Federal Information Security Management Act of 2002, and strengthen DHS’s cyber workforce

WASHINGTON – Four bipartisan bills that will modernize, strengthen, and improve our nation’s cyber security defenses were approved by the House of Representatives and are now headed to President Obama’s desk. The measures, which are the results of bipartisan and bicameral compromise, are the first major cyber security bills to become law in several years. The bills reflect the work of Senate Homeland Security and Government Affairs Committee Chairman Tom Carper (D-Del.) and Ranking Member Tom Coburn (R-Okla.); House Homeland Security Committee Chairman Michael McCaul (R-Tex.), Ranking Member Bennie Thompson (D-Miss), and Subcommittee Chair Patrick Meehan (R-Pa.) and Ranking Member Yvette Clarke (D-NY); and House Oversight and Government Reform Chairman Darrell Issa (R-Calif.) and Ranking Member Elijah Cummings (D-Md.).

“Cybersecurity is one of our nation’s biggest challenges,” said Chairman Carper. “It is more than clear that the federal government needs to address this 21st century threat with a 21st century response. While our work in this area is far from finished, these bills are an important step in our effort to modernize our nation’s cybersecurity programs and help the public and private sectors work together to tackle cyber threats more effectively in the future. I’d like to express my deepest appreciation to Dr. Coburn and his staff for their tireless hard work on these measures. This achievement wouldn’t have been possible without their dedication. I’d also like to thank our colleagues in the House – Chairmen McCaul, Issa, and Meehan, and Ranking Members Thompson, Cummings and Clarke -- for their efforts and compromise. But we cannot rest on our laurels. I will make cybersecurity a top priority for the 114th Congress and continue to work with my colleagues on both sides of the aisle on a long-term solution to enhance our nation’s cybersecurity efforts.”

“Our nation faces serious cybersecurity threats. Including foreign nations and other adversaries that continue to compromise our networks and steal the America people’s sensitive information,” said Ranking Member Coburn. “These bills will help the nation address these threats. Updating the law for federal information security will ensure that agencies are accountable to Congress and the public for data breaches. Codifying the NCCIC will require DHS to improve its programs for assisting the private sector and sets the stage for future legislation to provide liability protection for sharing cyber threat information. I thank and applaud Chairman Carper for his dedication and leadership.”

Earlier today, Congress passed a bill that will codify the existing cybersecurity and communications operations center at the Department of Homeland Security (DHS), known as the National Cybersecurity and Communications Integration Center. The National Cybersecurity Protection Act of 2014 (S. 2519) calls on the Center to serve as a federal civilian information sharing interface for cybersecurity. It also authorizes the Center’s current activities to share cybersecurity information and analysis with the private sector, provide incident response and technical assistance to companies and federal agencies, and recommend security measures to enhance cybersecurity. It was originally introduced as the National Cybersecurity and Communications Integration Center Act of 2014 by Homeland Security and Governmental Affairs Chairman Tom Carper (D-Del.) and Ranking Member Tom Coburn (R-Okla.).

Yesterday, the House of Representatives passed critical legislation that would help federal agencies thwart cyber attacks. The Federal Information Security Modernization Act of 2014 (S. 2521), introduced by Senate Homeland Security and Governmental Affairs Committee Chairman Tom Carper (D-Del.) and Ranking Member Tom Coburn (R-Okla.), would update the Federal Information Security Management Act of 2002 to better protect federal agencies from cyber attacks. The bill, which updates a 12-year-old law to meet the federal government’s current cybersecurity needs, establishes real-time monitoring of federal computer networks, and enhances oversight of federal data breaches, now heads to the President’s desk to be signed into law.

In addition to FISMA, the House of Representatives passed a piece of legislation that would save taxpayers almost $80 million a year while enhancing the Department of Homeland Security’s ability to secure federal computer networks and respond to attacks. The Border Patrol Agent Pay Reform Act of 2013 (S. 1691) included language from Senator Carper’s DHS Cybersecurity Workforce Recruitment and Retention Act, which would help the Department of Homeland Security recruit and retain cyber professionals who are in high demand across the government and private sector. The approved legislation will help address critical challenges that the Department faces in hiring and retaining cybersecurity professionals by providing the Secretary of Homeland Security hiring and compensation authorities for cybersecurity experts like those of the Secretary of Defense.

Finally, the House of Representatives also passed Cybersecurity Workforce Assessment Act (H.R. 2952) yesterday. The assessment would examine where critical cyber positions are located within the Department, the Department’s readiness and capacity to meet its cyber missions, and the types of positions. The goal of the strategy would be to enhance the readiness, capacity, training, recruitment, and retention of the cybersecurity workforce, and would include a recruitment and implementation plan.