Senators wrap DHS cyber bills together in bid for floor time

A Senate committee on Wednesday approved a cybersecurity bill that would give the Department of Homeland Security (DHS) considerable powers to defend government networks from hackers.

Since the catastrophic data breach at the Office of Personnel Management (OPM), policymakers have been scrambling to shore up network defenses.


Senate Homeland Security and Governmental Affairs Committee Chairman Ron JohnsonRonald (Ron) Harold JohnsonSunday shows preview: Lawmakers prepare for SCOTUS confirmation hearings before election The Hill's Morning Report - Sponsored by Facebook - Trump previews SCOTUS nominee as 'totally brilliant' The Hill's 12:30 Report: Ginsburg lies in repose MORE (R-Wis.) vowed that the measure approved Wednesday, the Federal Cybersecurity Enhancement Act, would help.

“With this act in place, it will become far more difficult for our adversaries to steal our private data and to penetrate government networks,” he said.

The bill — introduced Monday with the panel’s top Democrat, Sen. Tom CarperThomas (Tom) Richard CarperEnergy innovation bill can deliver jobs and climate progress The conservative case for phasing out hydrofluorocarbons Democrat asks for probe of EPA's use of politically appointed lawyers MORE (Del.) — would require all agencies to adopt several cybersecurity best practices. It would also accelerate the rollout of the government’s anti-hacking shield, dubbed “Einstein,” that detects and repels known cyber threats.

During Wednesday's markup, Johnson’s committee adopted two amendments that essentially combined his bill with another major DHS-focused piece of legislation that a bipartisan group of six senators introduced last week.

That measure would reform the 12-year-old Federal Information Security Management Act (FISMA) and formalize the DHS's role in protecting government networks and websites. Known as the FISMA Reform Act, the bill would give the DHS legal authority to deploy tools that search for intrusions on government networks at any agency without a formal request.

“Right now, DHS does not have the authorities it needs to enforce cybersecurity standards, and agencies’ reliance on DHS to find and neutralize cyber threats is voluntary,” Sen. Mark WarnerMark Robert WarnerFBI director casts doubt on concerns over mail-in voting fraud Democrats call for declassifying election threats after briefing by Trump officials It's time to upgrade benefits MORE (Va.), that bill’s lead Democrat, said on Wednesday. “That’s a real problem.”

Sen. Susan CollinsSusan Margaret CollinsTrump's Teflon problem: Nothing sticks, including the 'wins' Durbin: Democrats can 'slow' Supreme Court confirmation 'perhaps a matter of hours, maybe days at most' Senate GOP set to vote on Trump's Supreme Court pick before election MORE (Maine), the lead Republican on the FISMA Reform Act, said she was “very pleased” by the merger of the bills.

“It is long overdue to make sure all of our federal networks and the information they hold are properly protected and secured,” she added.

The amendments were offered by Sens. Kelly AyotteKelly Ann AyotteBottom line Bottom line Bottom Line MORE (R-N.H.) and Claire McCaskillClaire Conner McCaskillMomentum growing among Republicans for Supreme Court vote before Election Day Democratic-linked group runs ads in Kansas GOP Senate primary Trump mocked for low attendance at rally MORE (D-Mo.), the two co-sponsors of the original bill and members of the Homeland Security panel.

Other amendments were relatively minor.

Sen. Rand PaulRandal (Rand) Howard PaulRon Paul hospitalized in Texas The Hill's Morning Report - Sponsored by Facebook - Trump previews SCOTUS nominee as 'totally brilliant' Rand Paul says he can't judge 'guilt or innocence' in Breonna Taylor case MORE (R-Ky.), who is running for president, got language tacked on that would require a report on whether the Einstein program collects private information not related to cyber threats. Paul’s dogged opposition to government data collection has been a prominent part of his White House bid.

Sen. Ben Sasse (R-Neb.) also got two oversight amendments approved.

One would require the administration to file a report to Congress on the full damage of the recent OPM hacks. The other would require an assessment of what unclassified information can be combined to produce classified data.

National security experts fear Chinese hackers are amassing a database of mostly unclassified data that could still be cross-referenced to uncover classified intelligence, such as the identity of undercover agents.

Senators will now search for a way to get the fortified Federal Cybersecurity Enhancement Act through the upper chamber.

“With each passing day, and for the foreseeable future, our federal agencies will continue to come under a cascade of attacks in cyberspace, as will our businesses and critical infrastructure,” Carper said.

Over the past few weeks, lawmakers backing both efforts had expressed interest in offering their language as an amendment to a cybersecurity bill that had been expected to hit the floor before the August recess.

The bill, known as the Cybersecurity Information Sharing Act, would increase the exchange of data on hackers between the public and private sectors.

But Senate leadership changed course, choosing instead to act on a bill that would strip Planned Parenthood of its federal funding. It’s now unlikely the cyber bill will hit the floor until the fall.

"Congress needs to make bolstering our cyber defenses — and staying ahead of this evolving threat — a top priority," Carper added.