Remarks as prepared for delivery:
Thank you, Mr. Chairman.
I want to thank all of the Commissioners for their work on the Cyberspace Solarium Commission and congratulate them on producing a game-changing report and recommendations that take a bold step in the direction of reinventing our Nation’s cybersecurity policy architecture. The Commission’s legislative proposals accompanying the recommendations are enabling Congress to act quickly and decisively on these urgent measures.
The recommendations I am most interested in hearing about today are, strengthening the Cybersecurity and Infrastructure Security Agency (CISA) and its workforce, evaluating CISA’s facilities needs, strengthening the CISA Director position and making the Assistant Directors career, the National Cyber Director, authorizing CISA to threat hunt on the .gov domain, securing email, developing a strategy to secure email, and modernizing the digital infrastructure of state and local governments and small and mid-sized businesses.
As Ranking Member on the Cybersecurity, Infrastructure Protection, and Innovation Subcommittee, my top priority among the Commission’s recommendations is strengthening and clarifying the Cybersecurity Infrastructure Security Agency’s (CISA) authority and vastly increasing its funding to allow it to carry out its role as the Nation’s risk manager coordinating the protection of critical infrastructure and federal agencies and departments from cyber threats. I introduced this recommendation as a bill, which requires CISA to assess what additional resources are necessary to fulfill its mission. This assessment should examine CISA’s workforce composition and future demands and report to Congress on the findings.
Under the bill, CISA would also evaluate its current facilities and future needs including accommodating integration of personnel, critical infrastructure partners, and other department and agency personnel and make recommendations to GSA. GSA must evaluate CISA’s recommendations and report to Congress within 30 days on how best to accommodate CISA’s mission and goals with commensurate facilities. The facilities evaluation dovetails with the Commission’s recommendation for an integrated cyber center within CISA.
I reintroduced my bill elevating and strengthening the CISA Director position to reflect the significance of the role, making the position the equivalent of an Assistant Secretary or military service secretary. My bill limits the term of the CISA Director to 2, 5-year terms, which ensures the agency has stable leadership. It also depoliticizes the Assistant Director positions by making them a career.
A related legislative proposal that I am working with colleagues to pass, clarifies CISA’s authority to conduct continuous threat hunting across the .gov domain. This will increase CISA’s ability to protect federal networks and allow CISA to provide relevant threat information to critical infrastructure.
Finally, the recommendation to establish a National Cyber Director within the White House is another legislative proposal I am cosponsoring. This Presidentially-nominated and Senate-confirmed National Cyber Director would be the principle cybersecurity advisor of the President, tasked with developing, counseling the President on, and supervising the implementation of a National Cyber Strategy. This leadership will bring focus to our Nation’s cybersecurity as a top strategic priority.
I look forward to hearing from our witnesses today about these Solarium recommendations and the many others that fall under the jurisdiction of our Subcommittee as well as working with my colleagues to attach many of the Commission’s recommendations to the National Defense Authorization Act (NDAA), another must-pass vehicle or pass as stand-alone bills.
In closing, I want to thank the Chairman for holding this important hearing and I look forward to again convening in person with my Committee colleagues.