Senate passes key cyber bill cementing cybersecurity agency at DHS

Senate passes key cyber bill cementing cybersecurity agency at DHS
© Getty

The Senate on Wednesday passed a key cyber bill that solidifies the Department of Homeland Security’s role as the main federal agency overseeing civilian cybersecurity.

Sen. Dan SullivanDaniel Scott SullivanLincoln Project targets Senate races in Alaska, Maine, Montana with M ad buy Overnight Energy: Official says protesters not cleared from Lafayette Square for Trump | Trump administration blasts banks refusing to fund Arctic drilling | 2019 coal production hit lowest level since 1978 Trump administration blasts banks that refuse to fund arctic drilling MORE (R-Alaska) asked for “unanimous consent” to pass the Cybersecurity and Infrastructure Security Agency Act, a bipartisan bill that will establish a cybersecurity agency that is the same stature as other units within DHS.

The legislation, which has not been viewed as particularly contentious, passed the House easily last year, but stalled for several months in the Senate. Sens. Ron JohnsonRonald (Ron) Harold JohnsonThis week: Negotiators hunt for coronavirus deal as August break looms Sunday shows preview: White House, Democratic leaders struggle for deal on coronavirus bill Frustration builds as negotiators struggle to reach COVID-19 deal MORE (R-Wis.) and Claire McCaskillClaire Conner McCaskillDemocratic-linked group runs ads in Kansas GOP Senate primary Trump mocked for low attendance at rally Missouri county issues travel advisory for Lake of the Ozarks after Memorial Day parties MORE (D-Mo.), the leaders of the Senate Homeland Security Committee, successfully moved it through the upper chamber on Wednesday.

The bill will rebrand DHS’s main cybersecurity unit known as National Protection and Programs Directorate (NPPD) as the Cybersecurity and Infrastructure Protection Agency, spinning the headquarters office out into a full-fledged operational component of DHS on the same level as Secret Service or FEMA.

ADVERTISEMENT

NPPD's top cyber official, Christopher Krebs, would become the cyber agency's director under this bill.

NPPD is responsible for securing federal networks and protecting critical infrastructure from cyber and physical threats.

NPPD has seen its responsibilities rapidly expand in the decade since its inception, most recently taking the lead on engaging with states to protect digital election infrastructure from sabotage following Russian interference in the 2016 election.

The Senate made some differences in the House-passed bill, including amendments from Sen. Lisa MurkowskiLisa Ann Murkowski300 green groups say Senate has 'moral duty' to reject Trump's public lands nominee Senate GOP divided over whether they'd fill Supreme Court vacancy  On The Money: Unemployment benefits to expire as coronavirus talks deadlock | Meadows, Pelosi trade criticism on stalled stimulus talks | Coronavirus recession hits Social Security, Medicare, highway funding MORE (R-Alaska) and a substitute amendment from Sen. Ron Johnson (R-Wis.). This means the legislation will have to be sent back to the lower chamber for approval before it arrives at the president's desk.

Top DHS officials have been pushing for the bill to pass, arguing it would better communicate their mission to the private sector and help DHS recruit top cyber talent.

DHS Secretary Kirstjen NielsenKirstjen Michele NielsenTrump's acting ICE chief to leave post Trump's fight with city leaders escalates Neo-Nazi pleads guilty to 'swatting' Black church, Cabinet official, journalists MORE recently said the Cybersecurity and Infrastructure Security Agency Act would recognize the "importance" of the agency's mission.

"We are responsible for federal efforts when it comes to both protecting critical infrastructure, working with the owner-operators in private sector, and protecting all those civilian dot govs," Nielsen told The Washington Post on Tuesday during a livestreamed interview.

"To do that, we have to have both a name that indicates that is what we do, and we have to be able to streamline the organization so that we can become more operational.”

Rep. Michael McCaulMichael Thomas McCaulHouse Republicans introduce legislation to give states 0 million for elections Hillicon Valley: Democrats request counterintelligence briefing | New pressure for election funding | Republicans urge retaliation against Chinese hackers House Republicans urge Trump to take action against Chinese hackers targeting coronavirus research MORE (R-Texas), head of the House Homeland Security Committee Chairman, introduced the bill, which has bipartisan support.

“I am thrilled that the Senate passed this critical, bipartisan legislation and I look forward to championing CISA through its final step in Congress before heading to the President’s desk," McCaul said in a statement to The Hill.

McCaul said this will help the agency combat hackers and hostile nation states that are "finding new ways to attack our cyber infrastructure and expose vulnerabilities."

Rep. John RatcliffeJohn Lee RatcliffeHillicon Valley: Google extending remote work policy through July 2021 | Intel community returns final Russia report to Senate committee after declassification | Study finds election officials vulnerable to cyberattacks Intel community returns final Russia report volume to Senate after declassification review Hillicon Valley: Feds warn hackers targeting critical infrastructure | Twitter exploring subscription service | Bill would give DHS cyber agency subpoena power MORE (R-Texas), head of the House Homeland's Cybersecurity and Infrastructure Protection subcommittee, also praised the bill's passage. 

“As the culmination of years of rigorous oversight by the House Homeland Security’s cybersecurity subcommittee, CISA will define our nation’s leading cybersecurity agency as a standalone operational organization clearly tasked with deploying DHS’ cybersecurity and infrastructure security missions," Ratcliffe wrote in a statement.

-- Morgan Chalfant contributed. Updated 10:13 p.m.