Congress Lays Out Tech Funding in Spending Bills and Focuses on Supply Chain Threats

The Senate Appropriations subcommittees forwarded a smorgasboard of funding bills to the full committee last week. Here’s a rundown.

The Homeland Security Department would receive an $86 million boost in cybersecurity money over the Trump administration’s request.

The $1.1 billion cybersecurity appropriation includes $406 million for a collection of intrusion detection and prevention systems known as Einstein, and a $47 million boost over the administration’s request for Continuous Diagnostics and Mitigation, or CDM, a suite of vetted cybersecurity tools and services that Homeland Security offers across the government.

The bill also delivered a $239 million boost over the prior year to Customs and Border Protection, including for new situational awareness technology, and funds new checkpoint tech for the Transportation Security Administration.

The financial services and general government bill includes an $8 million boost at the Treasury Department for priorities including IT upgrades and a funding boost for cybersecurity and financial technology at the Commodities Futures Trading Commission.

The prior week, a committee panel forwarded a legislative branch funding bill that included an $8.5 million boost for Senate cybersecurity capabilities and cyber training for senators and their staffs.

The Calls are Coming from Inside the Supply Chain

A bipartisan Senate duo introduced legislation Tuesday aimed at preventing companies like Kaspersky, Huawei and ZTE from worming their way into government supply chains.

The bill from Sens. Claire McCaskill, D-Mo., and James Lankford, R-Okla., would establish an interagency Federal Acquisition Security Council to study cyber threats to government supply chains and develop rules to mitigate them.

The bill somes as the Homeland Security Department is working on its own cyber supply chain review.

Too Hot To Handle

The House Energy and Commerce Committee met Wednesday for a cybersecurity hearing with the chief information officer and chief operating officer at the Centers for Disease Control and Prevention, but immediately retreated to a closed session because of the “sensitivity” of the conversation.

The major topic discussed was presumably at Government Accountability Office report released the same day—also classified—titled: “Information Security: CDC Needs to Improve Its Program and Resolve Control Deficiencies.”

There’s no knowing what went on behind closed doors, but GAO hopes to put out an unclassified version of the report later this year, a spokesman told Nextgov. There’s no estimated release date for the public report, the spokesman said.

A Win for Wyden

Sen. Ron Wyden, D-Ore., a security and privacy gadfly for companies and government agencies, won a victory Tuesday when Verizon canceled contracts with third-party companies that share its customers’ location data.

The move came after Wyden revealed that a third-party location data aggregator called Secarus was sharing data with law enforcement without demanding a proper warrant.

Coming Up

It’s another big week on the Hill for tech and cyber. Here’s your cheat sheet.

At 10 a.m. Tuesday, the Senate Appropriations Committee’s defense panel will mark-up this year’s defense funding bill.

Also at 10 a.m., the House Veterans Affairs Committee will host a hearing titled, "VA Electronic Health Record Modernization: The Beginning of the Beginning." GAO will be among those testifying.

At 10:30 a.m., two House Science panels will convene a joint hearing titled: “Artificial Intelligence—With Great Power Comes Great Responsibility.”

At 1:15 p.m., the House Energy and Commerce Committee will consider a reauthorization bill for the National Telecommunications and Information Administration.

At 2:30 p.m., a Senate Judiciary panel will hold a hearing on election interference focused on virtual currencies as an avenue for foreign interference.

The administration just released its reorganization plan but the House Oversight Committee already has a hearing set. The committee will convene at 10 a.m. Wednesday for “Examining the Administration’s Governmentwide Reorganization Plan.”

At 11 a.m. Wednesday, the House Small Business Committee will assemble for a hearing about cyber risks the Chinese tech giant ZTE poses to American small businesses.

And at 2 p.m., the House Science Committee will congregate to discuss the threat of phony cell towers, AKA IMSI catchers and stingrays.