By Daniel L. Farris
The U.S. House of Representatives Homeland Security Committee approved four cyber-security related bills on Wednesday, including one which could create a new federal cybersecurity agency. Most significantly, the Committee unanimously approved H.R. 5390 – a bill which aims to transform the Department of Homeland Security (DHS) National Protection and Programs Directorate (NPPD) into a full-blown operational agency. The proposed Cybersecurity and Infrastructure Protection Agency would “realign and streamline” federal cybersecurity initiatives, and implement the Cybersecurity Information Sharing Act (CISA), which passed in December.
“Every day, cybercriminals and nation-states are looking for vulnerabilities to exploit at companies like Target and Sony, our critical infrastructure sectors and our federal government,” Committee Chairman Michael McCaul (R-Texas), said. “While the complexity of these assaults grows, the steps taken today are crucial to ensuring our homeland remains ready to defend against these attacks.”
The Committee also confirmed its support for the Improving Small Business Cyber Security Act (H.R. 5064), the Support for Rapid Innovation Act (H.R. 5388), and the Leveraging Emerging Technologies Act (H.R. 5389). If enacted, the Improving Small Business Cyber Security Act will allow DHS to provide greater resources and support to small business, and to coordinate with small businesses and small-business development centers for the development of improved cybersecurity infrastructure, and for improved education and training of employees on cyber risks.
Similarly, the Support for Rapid Innovation Act adds a new section to the Homeland Security Act which directs DHS – itself or through other federal agencies, in academia, and/or through the private sector – to support research and development efforts for new cybersecurity and data protection technologies. The Leveraging Emerging Technologies Act, will authorize DHS to “engage with innovative and emerging technology developers and firms, including technology-based small businesses and startup ventures,” a move which the Committee believes will help address the federal cybersecurity and technology needs. The LETA also gives DHS the authority to establish U.S. offices in areas with high concentrations of tech and cyber-related businesses.
The bills will now go to the House floor for further consideration. If enacted, companies operating with the cybersecurity and technology spaces can expect additional funding and resources to flow to the sector, but likely not without increased government oversight and/or involvement.
For more information about how new regulations may impact your organizations, or you or your company have questions or concerns, contact the author or a Polsinelli Privacy and Data Security team member.