Republicans: Report shows DHS not up to cybersecurity challenge

Senate Republicans are arguing that a recent congressional report on the Homeland Security Department shows that the agency lacks the skills and resources to take a lead role in protecting the nation's computer systems.

The report, issued earlier this week by Sens. Carl Levin (D-Mich.) and Tom Coburn (R-Okla.), concludes that DHS "fusion" intelligence-sharing centers wasted taxpayer dollars by analyzing and relaying information that was either duplicative or unrelated to counterterrorism. The regional centers produced "useless" reports but also collected information on innocent American Muslims, the lawmakers found.

Sens. John McCain (R-Ariz.) and Kay Bailey Hutchison (R-Texas) said the findings bolster their arguments that the Homeland Security Department should have a limited role in cybersecurity. 

The senators opposed legislation earlier this year that would have given DHS the authority to set cybersecurity standards for critical infrastructure, such as gas pipelines and banks. Since the bill's failure, the president has been considering an executive order that would empower the department to set voluntary security standards.

“For months now I’ve been saying that it would be a mistake for the Administration to give the Department of Homeland Security control over our nation’s cybersecurity," Hutchison said in a statement on Wednesday. "This report affirms my position, and I urge the Administration to take the report into account and not issue an Executive Order that significantly expands DHS’s role in cybersecurity.”

McCain said the report should make it clear why he and other Republicans are unwilling to entrust the department with the "vital task of protecting our nation's cybersecurity."

"Rather than overly depending on the DHS for our nation’s cybersecurity, as is this Administration’s preferred approach, we need a strategy which fully utilizes all of our nation’s cybersecurity capabilities,” McCain said.

Republicans oppose government-developed cybersecurity standards, arguing that Congress should encourage companies and the government to share information about cyber threats.

The House passed a cybersecurity bill that focused only on information-sharing earlier this year.

The Senate's Cybersecurity Act, authored by Sen. Joe Lieberman (I-Conn.), also included information-sharing provisions, but it would have given the Homeland Security Department the lead role in facilitating the flow of information.

Democrats and civil-liberties groups argue that a domestic, civilian agency like DHS should lead information-sharing, and not a spy agency like the CIA or the National Security Agency. They opposed the House bill, the Cyber Intelligence Sharing and Protection Act (CISPA), because they worried that allowing companies to hand their customers' information directly to spy agencies would violate their privacy.

Gen. Keith Alexander, the head of U.S. Cyber Command and the NSA, said DHS has a critical role to play in facilitating cyber threat information sharing.

"I see DHS as the entry point for working with industry," Alexander said on Monday at an event hosted by the Wilson Center and National Public Radio. 

Lieberman has argued that DHS has the expertise to handle cybersecurity, and he dismissed the report's findings this week.

“I strongly disagree with the report’s core assertion that ‘fusion centers have been unable to meaningfully contribute to federal counterterrorism efforts,’” Lieberman said on Wednesday.

“This statement is not supported by the examples presented in the report and is contrary to the public record, which shows fusion centers have played a significant role in many recent terrorism cases and have helped generate hundreds of tips and leads that have led to current FBI investigations,” he said.

---