The legislation comes two weeks after a watchdog report on the lack of coordination in the Department of Homeland Security’s cybersecurity efforts.
Two weeks after a watchdog report uncovered a lack of coordination in the Department of Homeland Security’s cybersecurity efforts, a key House committee voted to require the agency to report to Congress on a new cybersecurity strategy.
The House Homeland Security Committee on Sept. 30 approved a bipartisan measure sponsored by Rep. Cedric Richmond, D-La., requiring DHS to report on its strategic goals, its capability to conduct cybersecurity investigations and how it engages with international partners, among other areas.
The DHS inspector general’s review, issued publicly earlier this month, found the agency struggles to coordinate its cyber-response activities and lacks an automated information-sharing tool to share cyberthreat data among its components.
Personnel across different components, including the National Protection and Programs Directorate, “do not have a clear understanding of each other’s responsibilities and operational and investigative capabilities as needed to effectively coordinate and collaborate to fulfill DHS’ cyber mission,” inspectors concluded.
The committee approved the bill Wednesday during a markup session. Several other bills were also OK’d, including legislation to reorganize the agency’s Science and Technology Directorate and to institute a DHS-specific insider-threat monitoring program.
Richmond said his bill would “support the department in meeting some of their most persistent cybersecurity challenges” and “assist the department in the development of a clear and measure strategic cyber posture that can be a model for other government agencies.”
DHS is also responsible for securing civilian agency computer networks.
At the time the report was issued, DHS management told the IG it was already working on implementing an updated cybersecurity strategy that had garnered sign-off from all DHS components.
The House has approved a number of cybersecurity measures this Congress, including controversial legislation that would clear the way for improved information sharing about cyberthreats with private sector companies.
Lawmakers have not yet reconciled differences between that bill and companion legislation in the Senate.