Senators wrap DHS cyber bills together in bid for floor time

A Senate committee on Wednesday approved a cybersecurity bill that would give the Department of Homeland Security (DHS) considerable powers to defend government networks from hackers.

Since the catastrophic data breach at the Office of Personnel Management (OPM), policymakers have been scrambling to shore up network defenses.


Senate Homeland Security and Governmental Affairs Committee Chairman Ron JohnsonRonald (Ron) Harold JohnsonOVERNIGHT ENERGY: Supreme Court sides with oil companies in Baltimore case| White House environmental justice advisers express opposition to nuclear, carbon capture projects | Biden administration to develop performance standards for federal buildings Sunday shows - Cheney removal, CDC guidance reverberate Ron Johnson calls cyber attacks an 'existential' threat following Colonial Pipeline shutdown MORE (R-Wis.) vowed that the measure approved Wednesday, the Federal Cybersecurity Enhancement Act, would help.

“With this act in place, it will become far more difficult for our adversaries to steal our private data and to penetrate government networks,” he said.

The bill — introduced Monday with the panel’s top Democrat, Sen. Tom CarperThomas (Tom) Richard CarperCarper urges Biden to nominate ambassadors amid influx at border DC statehood bill picks up Senate holdout The Hill's Morning Report - Presented by Facebook - Cheney poised to be ousted; Biden to host big meeting MORE (Del.) — would require all agencies to adopt several cybersecurity best practices. It would also accelerate the rollout of the government’s anti-hacking shield, dubbed “Einstein,” that detects and repels known cyber threats.

During Wednesday's markup, Johnson’s committee adopted two amendments that essentially combined his bill with another major DHS-focused piece of legislation that a bipartisan group of six senators introduced last week.

That measure would reform the 12-year-old Federal Information Security Management Act (FISMA) and formalize the DHS's role in protecting government networks and websites. Known as the FISMA Reform Act, the bill would give the DHS legal authority to deploy tools that search for intrusions on government networks at any agency without a formal request.

“Right now, DHS does not have the authorities it needs to enforce cybersecurity standards, and agencies’ reliance on DHS to find and neutralize cyber threats is voluntary,” Sen. Mark WarnerMark Robert WarnerSenators offer bill to allow remote online notarizations Second suspected 'Havana Syndrome' case near White House under investigation: report Warner: Hack-reporting law 'one of the few areas left where there's broad bipartisan support' MORE (Va.), that bill’s lead Democrat, said on Wednesday. “That’s a real problem.”

Sen. Susan CollinsSusan Margaret CollinsOvernight Health Care: Supreme Court takes case that could diminish Roe v. Wade | White House to send US-authorized vaccines overseas for first time White House: Biden committed to codifying Roe v. Wade regardless of Miss. case CDC's about-face on masks appears politically motivated to help a struggling Biden MORE (Maine), the lead Republican on the FISMA Reform Act, said she was “very pleased” by the merger of the bills.

“It is long overdue to make sure all of our federal networks and the information they hold are properly protected and secured,” she added.

The amendments were offered by Sens. Kelly AyotteKelly Ann AyotteSununu seen as top recruit in GOP bid to reclaim Senate Lobbying world Overnight Defense: NATO expanding troops in Iraq MORE (R-N.H.) and Claire McCaskillClaire Conner McCaskillMissouri Republicans move to block Greitens in key Senate race Democratic Kansas City, Mo., mayor eyes Senate run Demings asked about Senate run after sparring with Jordan on police funding MORE (D-Mo.), the two co-sponsors of the original bill and members of the Homeland Security panel.

Other amendments were relatively minor.

Sen. Rand PaulRandal (Rand) Howard PaulGOP lawmaker calls for Wuhan probe to 'prevent the next pandemic' All congressional Democrats say they have been vaccinated: CNN Fauci on Rand Paul: 'I just don't understand what the problem is with him' MORE (R-Ky.), who is running for president, got language tacked on that would require a report on whether the Einstein program collects private information not related to cyber threats. Paul’s dogged opposition to government data collection has been a prominent part of his White House bid.

Sen. Ben Sasse (R-Neb.) also got two oversight amendments approved.

One would require the administration to file a report to Congress on the full damage of the recent OPM hacks. The other would require an assessment of what unclassified information can be combined to produce classified data.

National security experts fear Chinese hackers are amassing a database of mostly unclassified data that could still be cross-referenced to uncover classified intelligence, such as the identity of undercover agents.

Senators will now search for a way to get the fortified Federal Cybersecurity Enhancement Act through the upper chamber.

“With each passing day, and for the foreseeable future, our federal agencies will continue to come under a cascade of attacks in cyberspace, as will our businesses and critical infrastructure,” Carper said.

Over the past few weeks, lawmakers backing both efforts had expressed interest in offering their language as an amendment to a cybersecurity bill that had been expected to hit the floor before the August recess.

The bill, known as the Cybersecurity Information Sharing Act, would increase the exchange of data on hackers between the public and private sectors.

But Senate leadership changed course, choosing instead to act on a bill that would strip Planned Parenthood of its federal funding. It’s now unlikely the cyber bill will hit the floor until the fall.

"Congress needs to make bolstering our cyber defenses — and staying ahead of this evolving threat — a top priority," Carper added.