A group of bipartisan House lawmakers rolled out legislation this week to put in place a term limit for the director of the Cybersecurity and Infrastructure Security Agency (CISA) in the wake of escalating cybersecurity incidents and turmoil in agency leadership last year.
The CISA Cybersecurity Leadership Act would establish a five-year term for the CISA director position, and reaffirm that the position is presidentially nominated and Senate approved.
The bill was introduced less than a year after former CISA Director Christopher Krebs, the first individual to hold the position, was fired by former President TrumpDonald TrumpCapitol fencing starts coming down after 'Justice for J6' rally Netanyahu suggests Biden fell asleep in meeting with Israeli PM Aides try to keep Biden away from unscripted events or long interviews, book claims MORE for CISA’s efforts to push back against election-related disinformation and misinformation.
Krebs’s departure alongside several other top agency officials left CISA without Senate-confirmed leadership until July, when the Senate unanimously confirmed Jen Easterly as the new director of CISA.
The legislation is sponsored by a group of key cybersecurity leaders in the House led by Rep. Andrew Garbarino (R-N.Y.), the ranking member of the House Homeland Security Committee’s cybersecurity subcommittee.
“The current threat landscape is ever changing and expanding to include a multitude of cyber risks. We must evolve along with it to be best prepared to mitigate these threats,” Garbarino said in a statement Tuesday. “With cyber attacks on the rise, CISA, the lead federal civilian cybersecurity agency for the United States, needs consistent and stable leadership presiding over our nation’s cyber preparedness.”
“This bipartisan bill will remove any uncertainty from the CISA Director role so that the Director can focus squarely on strengthening our cyber posture,” he said.
Other sponsors include House Homeland Security Committee Chairman Bennie ThompsonBennie Gordon ThompsonJan. 6 committee taps former Bush administration official as top lawyer Overnight Defense & National Security: US-Australian sub deal causes rift with France Jan. 6 panel says it is reviewing Milley actions MORE (D-Miss.), ranking member John KatkoJohn Michael KatkoEmboldened Trump takes aim at GOP foes McCarthy-allied fundraising group helps Republicans who voted to impeach Trump Bipartisan House group introduces legislation to set term limit for key cyber leader MORE (R-N.Y.), cybersecurity subcommittee Chairwoman Yvette ClarkeYvette Diane ClarkeImmigrants stepped up during the pandemic — we must do the same for them Bipartisan House group introduces legislation to set term limit for key cyber leader Hillicon Valley — Industry groups want more time to report cybersecurity incidents MORE (D-N.Y.), and Reps. Jim LangevinJames (Jim) R. LangevinBipartisan House group introduces legislation to set term limit for key cyber leader House panel approves B boost for defense budget Democratic lawmakers urge DHS to let Afghans stay in US MORE (D-R.I.), Mike GallagherMichael (Mike) John GallagherBipartisan House group introduces legislation to set term limit for key cyber leader 20,000 Afghan evacuees housed at military bases in five states: report Absent Democrats give Republicans new opening on Afghanistan MORE (R-Wis.) and Ralph NormanRalph Warren NormanRepublicans demanding Blinken impeachment are forgetting one thing — the Constitution NY Democrat tests positive for COVID-19 in latest House breakthrough case Reps. Greene, Roy fined for not wearing masks on House floor MORE (R-S.C.).
"Cybersecurity isn't a partisan issue,” Thompson and Clarke said in a joint statement Tuesday. “As the cyber threats facing the nation continue to evolve, we need steady leadership at the Cybersecurity and Infrastructure Security Agency. We are proud to work with Ranking Member Garbarino on this important legislation and look forward to working with him to get it across the finish line.”
The bill was introduced in the wake of months of major cyber incidents impacting both the U.S. government and thousands of businesses. These have included the SolarWinds hack, which compromised nine federal agencies for most of last year and which U.S. intelligence agencies linked to the Russian government.
Other incidents have included ransomware attacks on critical groups such as Colonial Pipeline and meat producer JBS USA. Attacks on both groups by Russian-linked cybercriminal groups in May put key supply chains at risk, and prompted President BidenJoe BidenCapitol fencing starts coming down after 'Justice for J6' rally Senate parliamentarian nixes Democrats' immigration plan Biden pushes back at Democrats on taxes MORE to bring up ransomware attack concerns with Russian President Vladimir PutinVladimir Vladimirovich PutinPutin's party expected to keep control of lower house amid fraud complaints Clinton lawyer's indictment reveals 'bag of tricks' Hillicon Valley — Facebook 'too late' curbing climate falsities MORE when they met in person in June.
CISA bills itself as the “nation’s risk advisor,” and is tasked with helping secure critical sectors against cyberattacks, including elections.
“As our nation faces the most dynamic and complex cyber threat landscape in history, we need stable leadership at the helm of CISA,” Katko said in a statement Tuesday. “I commend Ranking Member Garbarino for his leadership of this important bipartisan effort. We will continue working together to ensure CISA has the resources, workforce, and authorities it needs to effectively carry out its mission.”