Senate passes key cyber bill cementing cybersecurity agency at DHS

Senate passes key cyber bill cementing cybersecurity agency at DHS
© Getty

The Senate on Wednesday passed a key cyber bill that solidifies the Department of Homeland Security’s role as the main federal agency overseeing civilian cybersecurity.

Sen. Dan SullivanDaniel Scott SullivanManchin puts hold on FCC nomination over wireless internet fund delay The Year Ahead: Pressure mounts on election security as 2020 approaches GOP senator: Arctic Ocean may be ice-free in summer within 20 years MORE (R-Alaska) asked for “unanimous consent” to pass the Cybersecurity and Infrastructure Security Agency Act, a bipartisan bill that will establish a cybersecurity agency that is the same stature as other units within DHS.

The legislation, which has not been viewed as particularly contentious, passed the House easily last year, but stalled for several months in the Senate. Sens. Ron JohnsonRonald (Ron) Harold JohnsonBipartisan supply chain bill likely punted to next Congress, McCaskill says Overnight Defense: Trump at G-20 | Calls Ukraine 'sole reason' for canceling Putin meeting | Senate passes resolution condemning Russian actions | Armed Services chairmen warn against defense cuts Senate passes resolution condemning Russian aggression against Ukraine MORE (R-Wis.) and Claire McCaskillClaire Conner McCaskillThe Year Ahead: Tech braces for new scrutiny from Washington McCaskill: 'Too many embarrassing uncles' in the Senate FEC votes to allow lawmakers to use campaign funds for personal cybersecurity MORE (D-Mo.), the leaders of the Senate Homeland Security Committee, successfully moved it through the upper chamber on Wednesday.

The bill will rebrand DHS’s main cybersecurity unit known as National Protection and Programs Directorate (NPPD) as the Cybersecurity and Infrastructure Protection Agency, spinning the headquarters office out into a full-fledged operational component of DHS on the same level as Secret Service or FEMA.

ADVERTISEMENT

NPPD's top cyber official, Christopher Krebs, would become the cyber agency's director under this bill.

NPPD is responsible for securing federal networks and protecting critical infrastructure from cyber and physical threats.

NPPD has seen its responsibilities rapidly expand in the decade since its inception, most recently taking the lead on engaging with states to protect digital election infrastructure from sabotage following Russian interference in the 2016 election.

The Senate made some differences in the House-passed bill, including amendments from Sen. Lisa MurkowskiLisa Ann MurkowskiHouse funding bill scraps Arctic icebreaker program Senate advances Trump energy pick after Manchin flips The Senate must reject Bernard McNamee’s nomination for FERC MORE (R-Alaska) and a substitute amendment from Sen. Ron Johnson (R-Wis.). This means the legislation will have to be sent back to the lower chamber for approval before it arrives at the president's desk.

Top DHS officials have been pushing for the bill to pass, arguing it would better communicate their mission to the private sector and help DHS recruit top cyber talent.

DHS Secretary Kirstjen NielsenKirstjen Michele NielsenNo reason to assume American relations with Mexico are rocky DHS watchdog launches probe into death of 7-year-old migrant girl Dems demand probe into death of 7-year-old in DHS custody MORE recently said the Cybersecurity and Infrastructure Security Agency Act would recognize the "importance" of the agency's mission.

"We are responsible for federal efforts when it comes to both protecting critical infrastructure, working with the owner-operators in private sector, and protecting all those civilian dot govs," Nielsen told The Washington Post on Tuesday during a livestreamed interview.

"To do that, we have to have both a name that indicates that is what we do, and we have to be able to streamline the organization so that we can become more operational.”

Rep. Michael McCaulMichael Thomas McCaulPuerto Ricans may have elected Rick Scott and other midterm surprises Midterm results shake up national map Senate passes key cyber bill cementing cybersecurity agency at DHS MORE (R-Texas), head of the House Homeland Security Committee Chairman, introduced the bill, which has bipartisan support.

“I am thrilled that the Senate passed this critical, bipartisan legislation and I look forward to championing CISA through its final step in Congress before heading to the President’s desk," McCaul said in a statement to The Hill.

McCaul said this will help the agency combat hackers and hostile nation states that are "finding new ways to attack our cyber infrastructure and expose vulnerabilities."

Rep. John RatcliffeJohn Lee RatcliffeCongress can open the door to true digital service delivery in government Hillicon Valley: Russian-linked hackers may have impersonated US officials | Trump signs DHS cyber bill | Prosecutors inadvertently reveal charges against Assange | Accenture workers protest border enforcement work | App mines crypto for bail bonds McCarthy, other Republicans back Ratcliffe to be next attorney general MORE (R-Texas), head of the House Homeland's Cybersecurity and Infrastructure Protection subcommittee, also praised the bill's passage. 

“As the culmination of years of rigorous oversight by the House Homeland Security’s cybersecurity subcommittee, CISA will define our nation’s leading cybersecurity agency as a standalone operational organization clearly tasked with deploying DHS’ cybersecurity and infrastructure security missions," Ratcliffe wrote in a statement.

-- Morgan Chalfant contributed. Updated 10:13 p.m.