Lawmakers move to boost federal cybersecurity in annual defense bill

Lawmakers move to boost federal cybersecurity in annual defense bill
© Bonnie Cash

Sen. Ron JohnsonRonald (Ron) Harold JohnsonSenate GOP hedges on attending Trump's convention amid coronavirus uptick Koch-backed group urges Senate to oppose 'bailouts' of states in new ads Romney, Collins, Murkowski won't attend GOP convention MORE (R-Wis.) said Wednesday that he was pushing for inclusion of measures meant to defend the United States against cyber threats in the upcoming annual National Defense Authorization Act (NDAA). 

Johnson, the chairman of the Senate Homeland Security and Governmental Affairs Committee, said during a virtual committee hearing on cyber threats that he hoped to include a provision creating a federal national cybersecurity leadership position in the NDAA. 

“We are working hard to get included in the NDAA so it can become law, there is the need to put someone in charge, a national cyber director,” Johnson said.

ADVERTISEMENT

There is currently no central federal leader for cybersecurity. The departments of Defense and Homeland Security (DHS), along with the intelligence community and the FBI, address cyber threats, but the Trump administration has lacked a central lead since the White House cybersecurity coordinator position was eliminated in 2018. 

Johnson also voiced his support for including a provision that would give DHS’s Cybersecurity and Infrastructure Security Agency (CISA) the ability to subpoena internet service providers for information on vulnerabilities detected critical infrastructure networks. A House committee approved a bill around this issue in January. 

“It’s a very necessary authority that CISA needs, and I am going to ask everybody on our committee to do everything, by hook or by crook, to hopefully get into the NDAA as well,” Johnson said. 

Both recommendations were backed by the Cybersecurity Solarium Commission (CSC), a group created by Congress in 2018 to evaluate the cyber risks to the United States. The group, which includes members of Congress and federal agency leaders, was charged with laying out recommendations on how to defend the nation against these threats. 

The CSC submitted its report, which included over 75 recommendations on how to prevent a cyber doomsday scenario, in March as the coronavirus pandemic began to sweep the world. 

ADVERTISEMENT

Sen. Angus KingAngus KingBiden opens door to supporting nixing legislative filibuster Koch-backed group urges Senate to oppose 'bailouts' of states in new ads Data shows seven Senate Democrats have majority non-white staffs MORE (I-Maine), a co-chair of the commission, testified Wednesday that cyber threats were only “magnified” by COVID-19, as attempted hacks on healthcare and research groups involved in fighting the virus have spiked.

“We have to communicate that to our colleagues, that this isn’t something academic, this is coming at us, this isn’t something that may come at us, it’s coming at today,” King said, adding that the private sector is “being pinged millions of times a day by malicious actors.”

The Senate Armed Services Committee was due to examine the CSC’s recommendations at a hearing in March, but the hearing was postponed due to the virus. Johnson said that Sen. Mike RoundsMarion (Mike) Michael RoundsLincoln Project offers list of GOP senators who 'protect' Trump in new ad Republicans fear backlash over Trump's threatened veto on Confederate names Republican rift opens up over qualified immunity for police MORE (R-S.D.), the chairman of the committee's cyber panel, is “leading the charge” to get recommendations from the CSC included in the 2021 NDAA.

The NDAA, a sweeping annual bill that allocates funding for the Department of Defense, originates in the House and Senate Armed Services Committees. Consideration of the bill has been delayed by the coronavirus pandemic. 

Rep. Mike GallagherMichael (Mike) John GallagherHillicon Valley: Democrats introduce bill banning federal government use of facial recognition tech | House lawmakers roll out legislation to establish national cyber director | Top federal IT official to step down Lawmakers introduce legislation to establish national cybersecurity director House Republican accuses Facebook, Twitter, YouTube of not doing enough to combat Chinese propaganda MORE (R-Wis.), the co-chair of the CSC, said he was working with commission member Rep. Jim LangevinJames (Jim) R. LangevinOvernight Defense: US formally rejects Beijing's South China Sea claims | House set to consider defense policy bill next week | 57 injured as firefighters battle warship blaze Foreign cyber criminals take aim at Americans working from home Hillicon Valley: Democrats introduce bill banning federal government use of facial recognition tech | House lawmakers roll out legislation to establish national cyber director | Top federal IT official to step down MORE (D-R.I.) in the House to gather support for the cybersecurity measures. 

ADVERTISEMENT

“As for the prospects in the House, I can’t give you a good assessment right now, but we are working with the committees,” Gallagher testified to the Senate Homeland Security panel. 

Multiple Senate committees have focused on cyber threats to the U.S. this week. 

Commerce Committee Chairman Roger WickerRoger Frederick WickerSenate GOP hedges on attending Trump's convention amid coronavirus uptick Bottom line GOP rallies around Trump after firing of Manhattan US attorney MORE (R-Miss.) and committee members Jacky RosenJacklyn (Jacky) Sheryl RosenUS lawmakers call on EU to label entire Hezbollah a terrorist organization The Hill's Coronavirus Report: Mnuchin sees 'strong likelihood' of another relief package; Warner says some businesses 'may not come back' at The Hill's Advancing America's Economy summit The Hill's Coronavirus Report: CDC Director Redfield responds to Navarro criticism; Mnuchin and Powell brief Senate panel MORE (D-Nev.) and Cory GardnerCory Scott GardnerThe four China strategies Trump or Biden will need to consider The Hill's Morning Report - Presented by Argentum - All eyes on Florida as daily COVID-19 cases hit 15K Democrats seek to tie GOP candidates to Trump, DeVos MORE (R-Colo.) introduced legislation on Wednesday to boost cybersecurity research and innovation.

Senate Energy and Natural Resources Committee Chairwoman Lisa MurkowskiLisa Ann MurkowskiIllinois House Republican leader won't attend GOP convention in Florida: 'It's not going to be a safe environment' Sixth GOP senator unlikely to attend Republican convention Koch-backed group urges Senate to oppose 'bailouts' of states in new ads MORE (R-Alaska), along with Sen. James Risch (R-Idaho), introduced a separate bill this week to help grid operators boost cybersecurity and protect critical information against attacks. 

King underlined the consequences if Congress fails to take action to protect the nation against cyberattacks, saying an attack with widespread negative consequences was “going to happen.”

“We are seeing the longest wind up for a punch in the history of the world, but that punch is going to come,” King said.