House panel advances DHS cyber vulnerabilities bills

House panel advances DHS cyber vulnerabilities bills
© Greg Nash

The House Homeland Security Committee on Thursday advanced a pair of bills addressing cyber vulnerabilities at the Department of Homeland Security (DHS).

Only minor amendments were offered for both bills, which were passed during what is expected to be the committee’s final markup of the legislative session.

Rep. John RatcliffeJohn Lee RatcliffeHillicon Valley: Tim Cook visits White House | House hearing grapples with deepfake threat | Bill, Melinda Gates launch lobbying group | Tech turns to K-Street in antitrust fight | Lawsuit poses major threat to T-Mobile, Sprint merger Hillicon Valley: Tim Cook visits White House | House hearing grapples with deepfake threat | Bill, Melinda Gates launch lobbying group | Tech turns to K-Street in antitrust fight | Lawsuit poses major threat to T-Mobile, Sprint merger House Intel to take first major deep dive into threat of 'deepfakes' MORE (R-Texas) introduced an amendment to make technical changes to House Majority Leader Kevin McCarthyKevin Owen McCarthyMcConnell defends Trump amid backlash: 'He gets picked at every day' McConnell defends Trump amid backlash: 'He gets picked at every day' The Hill's Morning Report — Uproar after Trump's defense of foreign dirt on candidates MORE’s (R-Calif.) bill, which would create a cyber vulnerability policy at DHS.

ADVERTISEMENT

Ratcliffe said his amendment will ensure that the policy clearly lays out how DHS communicates with security researchers about how to mitigate or solve identified vulnerabilities.

Rep. James Langevin (D-R.I.) praised McCarthy's bill, saying that it will open the door to creating a stronger relationship between the agency and well-intentioned hackers who can help identify vulnerabilities.

The committee also advanced a bill introduced by Sen. Maggie HassanMargaret (Maggie) HassanHouse panel advances bill to create cybersecurity standards for government IT devices House panel advances bill to create cybersecurity standards for government IT devices House passes bill to establish DHS cyber 'first responder' teams MORE (D-N.H.) to create a “bug bounty” program at DHS, known as the Hack the Department of Homeland Security Act.

Langevin also supported this legislation, saying he has seen a similar program succeed for the Department of Defense, but he issued a warning about the amount of work that would have to go into fixing identified bugs. He questioned whether the department has the resources to run a successful bounty program.

"A bug bounty will attract thousands and thousands of eyes and you have to be prepared for that," Langevin said. "All of which is to say, I still do have questions about the department’s ability to implement a successful bug bounty program."

He also introduced an amendment to the bill that clarifies that security researchers could offer their assistance to DHS for the program without receiving compensation.

Committee Chairman Michael McCaulMichael Thomas McCaulHouse Dems introduce resolutions to block Trump's Saudi arms sales Hillicon Valley: Democratic state AGs sue to block T-Mobile-Sprint merger | House kicks off tech antitrust probe | Maine law shakes up privacy debate | Senators ask McConnell to bring net neutrality to a vote Hillicon Valley: Democratic state AGs sue to block T-Mobile-Sprint merger | House kicks off tech antitrust probe | Maine law shakes up privacy debate | Senators ask McConnell to bring net neutrality to a vote MORE (R-Texas) ended the hearing by noting that while the House has passed more than 100 pieces of legislation that originated with the committee over the past session, the Senate has failed to address many of the bills.

He said he spoke with Sen. Ron JohnsonRonald (Ron) Harold JohnsonHillicon Valley: Lawmakers angered over Border Patrol breach | Senate Dems press FBI over Russian hacking response | Emails reportedly show Zuckerberg knew of Facebook's privacy issues | FCC looks to improve broadband mapping Hillicon Valley: Lawmakers angered over Border Patrol breach | Senate Dems press FBI over Russian hacking response | Emails reportedly show Zuckerberg knew of Facebook's privacy issues | FCC looks to improve broadband mapping Lawmakers demand answers on Border Patrol data breach MORE (R-Wis.), the chairman of the Senate Committee on Homeland Security and Governmental Affairs, on Wednesday about prioritizing some of those pieces of legislation.

“I really wish the Senate would act,” McCaul said, adding that “99 percent” of the bills were “unanimous, bipartisan good governance bills.”