Administration renews call for cyber legislation

Shutterstock image: the Capitol Building in autumn with orange leaves. 

With Congress back in session this week, top officials at the Department of Homeland Security have renewed their calls for lawmakers to pass cybersecurity legislation to strengthen DHS’s ability to mitigate cyberattacks.

In a Sept. 9 op-ed in The Hill newspaper, DHS Secretary Jeh Johnson said there is only so much his agency can do to carry out its cybersecurity mission without firmer legal authorization. "Within the federal government, existing statutory authorities are unclear, and worse, do not adequately reflect the department's role and responsibility for protecting the .gov network," he wrote.

DHS’s statutory authorities are limited in the sense that the department relies on the Homeland Security Act of 2002 for its legal mandate to deal with cybersecurity, according to Larry Zelvin, who stepped down last month as head of DHS’s National Cybersecurity and Communications Integration Center, a 24/7 hub for monitoring cyber threats.

The House passed three measures July 28 designed to boost information sharing, advance cyber technologies and improve the DHS cybersecurity workforce. One of those bills, sponsored by Homeland Security Committee Chairman Michael McCaul (R-Texas) would give DHS some of the codified authority it is looking for by strengthening NCCIC.  

The Senate has been slower to act, but Johnson said he is convinced that Congress can rally around "areas of strong consensus" to pass cybersecurity legislation: codifying DHS’s cybersecurity responsibilities, making it easier for DHS and the private sector to collaborate on cybersecurity, and improving the department’s ability to hire top cyber talent. 

A day after Johnson’s op-ed was published, Suzanne Spaulding, DHS undersecretary for the National Protection and Programs Directorate, hammered the point home in testimony before the Senate Homeland Security and Government Affairs Committee. 

"While both the cybersecurity threat and the nation’s dependence on cyber infrastructure has grown exponentially, the legal framework, particularly regarding the articulation of the department’s authorities, has not kept pace," Spaulding said, adding that "legislative action is vital."

Some lawmakers have expressed a sense of urgency to act before the end of the 113th Congress.

"If we don't do it between now and the end of year, and it's thrown over to the next Congress, the House is going to have a new influx of members, the Senate’s going to have a new influx of members," Georgia Republican Saxby Chambliss, the retiring vice chairman of the Senate Intelligence Committee, said in June. "The balance of power may change, and you’re looking at a year from now and I’m betting you nothing would be done."

He was specifically referring to an information-sharing bill he co-sponsored with Sen. Dianne Feinstein (D-Calif.), which the Intelligence panel approved in July.

About the Author

Sean Lyngaas is a former FCW staff writer.


  • IT Modernization
    shutterstock image By enzozo; photo ID: 319763930

    OMB provides key guidance for TMF proposals amid surge in submissions

    Deputy Federal CIO Maria Roat details what makes for a winning Technology Modernization Fund proposal as agencies continue to submit major IT projects for potential funding.

  • gears and money (zaozaa19/

    Worries from a Democrat about the Biden administration and federal procurement

    Steve Kelman is concerned that the push for more spending with small disadvantaged businesses will detract from the goal of getting the best deal for agencies and taxpayers.

Stay Connected