Bill establishing new DHS agency for cybersecurity, infrastructure protection clears House

The House of Representatives approved legislation on Monday that would recalibrate the Department of Homeland Security’s cybersecurity and infrastructure security functions by establishing the Cybersecurity and Infrastructure Agency (CISA), a standalone organization.

Under the Cybersecurity and Infrastructure Security Agency Act of 2017, H.R. 3359, CISA would supplant DHS’ National Protection and Program Directorate as the nation’s leading civilian cyber security agency.

Homeland Security Secretary Kirstjen Nielsen applauded House approval of the bill and called for swift Senate action on the measure. An attempted terrorist attack in New York City on Monday morning, Nielsen said, reiterates that critical infrastructure can be “prime targets’ of U.S. adversaries, and that “our approach to security must evolve.”

“This legislation, which has bipartisan support, has been a priority of this administration from day one,” Nielsen said. “I look forward to continuing to work with Congress to move this important legislation forward.”

Nielsen also commended U.S. Rep. Michael McCaul (R-TX), the chairman of the House Homeland Security Committee, for advancing the measure out of committee.

Advancements in technology and increased dependence on computer networks provide new ways for nation states, hackers and cybercriminals to attack cyber infrastructure and expose vulnerabilities, McCaul said.

“This re-alignment will achieve DHS’s goal of creating a stand-alone operational organization, focusing on and elevating its vital cybersecurity and infrastructure security missions to strengthen the security of digital America and our nation’s critical infrastructure,” McCaul said.

U.S. Rep. John Ratcliffe (R-TX), the chairman of the House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection, said the creation of CISA would elevate cybersecurity and infrastructure missions by providing more flexibility and a better structure.

“One of my primary goals as a lawmaker is to be a productive steward of our country’s cybersecurity posture, and this stems from a fundamental obligation to safeguard the American people,” Ratcliffe said. “By authorizing the Cybersecurity and Infrastructure Security Agency within DHS, we’re establishing the structure, the nomenclature and the flexibility we need to ensure we’re successfully achieving this goal.”