BREAK IN TRANSCRIPT
Ms. CLARKE of New York. Mr. Speaker, I yield myself such time as I may consume.
Mr. Speaker, I rise in strong support of H.R. 3696, the National Cybersecurity and Critical Infrastructure Protection Act of 2014, and I am pleased to be here today as an original cosponsor of this legislation.
This bipartisan legislation gives the Department of Homeland Security the legislative authority it needs to carry out its cyber mission and to help protect our Nation's critical infrastructure from cyber attacks and intrusions.
The approach taken in this bill is very much in line with DHS' approach since 2007, when President Bush designated the Department as the lead Federal civilian agency for cybersecurity.
This is a dual mission. DHS is responsible for working with Federal civilian agencies to protect Federal IT networks and the dot-gov domain. At the same time, DHS is responsible for effectively partnering with the private sector to raise its level of cyber hygiene and foster greater cybersecurity.
I am pleased that H.R. 3696 authorizes the 247 operations of the National Cybersecurity and Communications Integration Center, also referred to as NCCIC. The NCCIC has been the epicenter for information sharing about the activities of cyberterrorists and criminals and the reporting of cyber incidents by critical infrastructure owners and operators.
Additionally, the bill codifies ongoing efforts to raise the level of cybersecurity within critical infrastructure sectors. Specifically, it authorizes the development and implementation, in coordination with the private sector, of voluntary risk-based security standards.
This provision essentially codifies the process that the National Institute of Standards and Technology, also known as NIST, undertook pursuant to an executive order that President Obama issued in February of 2013.
Under the approach taken in this bill, we are asking business and government to come together to find an adaptable and cooperative cybersecurity framework, not an off-the-shelf or check-the-box solution, to raise the level of cybersecurity across the Nation.
I am pleased that the measured and targeted approach taken to working with the private sector was supported by the American Civil Liberties Union, which called our bill ``pro-security and pro-privacy.''
The President said it best:
It is the policy of the United States to enhance the security and resilience of the Nation's critical infrastructure and to maintain a cyber environment that encourages efficiency, innovation, and economic prosperity while promoting safety, security, business confidentiality, privacy, and civil liberties.
While I am also pleased about all we do with respect to the Department's mission to work with the private sector on cybersecurity, I am a bit disappointed that key language that clarifies DHS' roles with respect to other Federal agencies and protection of the dot-gov domain is not in the bill before you today.
Unfortunately, the striking of these provisions appears to have been the price the Committee on Homeland Security had to pay to get this important legislation to the floor.
It seems that the provisions that would have given DHS specific authority to respond in a more timely manner to Federal network breaches were opposed by another committee chairman. Unfortunately, that chairman has willfully chosen to ignore reality.
The reality is that since 2008, DHS has assumed responsibility for working with agencies to protect the dot-gov domain, not the Office of Management and Budget.
It is my hope that, as this legislation moves through the legislative process, there will be progress on efforts to ensure that the law reflects this reality.
With that, Mr. Speaker, I urge passage of H.R. 3696, and I reserve the balance of my time.
BREAK IN TRANSCRIPT
Ms. CLARKE of New York. Mr. Speaker, I have no more speakers. If the gentleman from Texas has no more speakers, then, in closing, I urge the passage of H.R. 3696. It is legislation that will enhance DHS' ability to execute its cybersecurity mission. I am particularly pleased that it includes language that I authored to help ensure that DHS has the cyber workforce it needs to execute that mission.
I would like to thank Chairman McCaul and Ranking Member Thompson, as well as the subcommittee chair, Mr. Meehan, for their leadership and their vision, and for their understanding that this is something that keeps us up at night, that this is something that this body must move forward to address--that this is a 21st century threat for which we cannot sit idly by and do nothing about. Their leadership on H.R. 3696 and on the suite of cyber legislation on the floor today speaks volumes to moving us in the right direction.
With that, Mr. Speaker, I urge the passage of H.R. 3696, and I yield back the balance of my time.
BREAK IN TRANSCRIPT