Hearing of the House Rules Committee - Opening Statement of Rep. Langevin, Hearing on the Need for A Cybersecurity Committee
Hearing
Congressman Jim Langevin (D-RI), Chairman of the House Armed Services Committee's Subcommittee on Intelligence and Emerging Threats and Capabilities and a member of the Cyberspace Solarium Commission, offered the following testimony at the House Rules Committee Members' Day Hearing calling for the creation of a House Permanent Select Committee on Cybersecurity. Langevin's proposal, which he offered with fellow Solarium Commissioner Congressman Mike Gallagher (R-WI), is based on a recommendation in the Commission's report to streamline Congressional oversight on cybersecurity. Video of Langevin's statement and a live feed of the proceedings: https://www.youtube.com/watch?v=8sAqeXaQHA0&feature=youtu.be
"Good afternoon, Chairman McGovern, Ranking Member Cole, and thank you for your commitment to listening to Member feedback as you consider rules changes for the 117th Congress.
"As I'm sure all of my colleagues on this distinguished panel are well aware, cybersecurity has been an issue of great importance to me for more than a dozen years. For more than a decade, I have made protecting our nation's critical infrastructure, from our healthcare system to our power grid to our elections, a top priority.
"I currently serve as the chairman of the Intelligence and Emerging Threats and Capabilities Subcommittee on the Armed Services Committee and as a senior member of the Committee on Homeland Security's Subcommittee on Cybersecurity, Infrastructure Protection, and Innovation. Congressman Michael McCaul and I also co-founded and co-chair the Congressional Cybersecurity Caucus. But I come to you today as a representative of the Cyberspace Solarium Commission to share one of our recommendations to improve the nation's cybersecurity posture.
"Congress created the Solarium Commission in the FY 2019 NDAA, and I had the honor of being appointed to it by Speaker Pelosi. Congress charged the Commission, which comprised four legislators, four deputy-secretary level members of the executive branch, and six private sector experts, with developing a strategic approach to protect the U.S. from cyber attacks of significant consequence.
"We met for a year before releasing our report on March 11 that calls for an approach of layered cyber deterrence. In addition to the strategic vision, we delivered 82 recommendations on how the government can implement it; more than 50 of those recommendations are directed at Congress.
"Thanks in no small part to your leadership, Chairman McGovern, the House has included more than twenty of these bipartisan recommendations in this year's NDAA, including the creation of a National Cyber Director within the Executive Office of the President. I would like to reiterate my thanks to you and your staff, particularly Lori Ismail, in working with us to ensure these important proposals were presented to the full House for debate.
"However, one of the Commission's most critical legislative recommendations is directed not at the Administration, but at Congress itself. Recommendation 1.2 of the Commission report states: "Congress should create House Permanent Select and Senate Select Committees on Cybersecurity to consolidate budgetary and legislative jurisdiction over cybersecurity issues, as well as traditional oversight authority.' That is the proposal I put forward with my Solarium House colleague, Congressman Gallagher, for your consideration today.
"The challenges of cybersecurity jurisdiction were on full display earlier this week when we considered three suspensions relating to grid cybersecurity. Chairman Thompson was correct in the concerns he expressed on the floor during debate that the bills did not reflect the views of the interagency and could increase silos in protecting this critical infrastructure sector. Chairman Pallone was correct in his assertion that, jurisdictionally, the bills were squarely in the remit of the Energy and Commerce Committee. Of course, underlying this debate was the fact that, had Energy and Commerce included language to avoid the silos that the Solarium Commission warns against, the bill could have been referred to any number of additional committees.
"I can think of no clearer example on how the committee structure is broken than that it incentivizes the kind of silos that are antithetical to the whole-of-nation approach we need to combat growing cyber threats.
"Our proposal directly counters this stove piping by centralizing jurisdiction around cybersecurity matters. Among its many benefits, it will increase Congressional cybersecurity policymaking capacity by encouraging staff and member expertise; it will streamline oversight from the dozens of committees and subcommittees that currently claim some jurisdiction; and it will help Congress act with the speed needed to have any hope of keeping up with the pace of technological innovation.
"Mr. Chairman, I understand matters of committee jurisdiction are extremely sensitive. I recognize that this proposal would represent a sea change in how we handle cybersecurity policy. However, I also believe that it is inevitable. We have seen cyber attacks, like NotPetya, that have felled national economies. We have seen our adversaries invest in their offensive cyber capabilities. And we remain the country that, because we best take advantage of the Internet, remain most vulnerable in cyberspace.
"Whether in the form of a massive cyber incident or a more sustained, "death by a thousand cuts' campaign, I believe this Congress will recognize we could have done more and that the current committee structure is actively undermining our ability to do so.
"Mr. Chairman, what I am hoping you and your esteemed colleagues will do with the next rules package is take a page out of the Solarium Commission's playbook. From the outset, we aimed to have the impact of the 9/11 Commission without the precipitating event of a national tragedy on that scale.
"No small task. But as former DNI Coats has said: "The warning lights are blinking red again.' This organizational change will not, by itself, prevent a disaster. But it will best position Congress to ensure the Internet is free, open, interoperable and secure in the decades to come."
Source