DHS cyber reorg bill coming


The chairman of the House Homeland Security Committee plans to reintroduce legislation that would rename and reorganize the cybersecurity division at Department of Homeland Security in the coming weeks, dubbing it a priority.

The Department of Homeland Security has been touting a plan for some time to reorganize and rename its National Protection and Programs Directorate to more closely bind cyber and physical security capabilities as well as elevate the directorate to a headquarters division.

In a March 28 subcommittee hearing on the current state of DHS' effort to secure federal networks, House Homeland Security Committee Chairman Michael McCaul (R-Texas) said he will introduce a bill in the next two weeks that would "create a stronger, consolidated cybersecurity agency" at DHS. The proposal, he said "will elevate the cybersecurity mission at DHS at a critical time and further enhance cyber operations, including those to more effectively secure federal networks."

McCaul told FCW after the hearing that he planned a markup of the NPPD bill "by the end of spring" and that it was a priority.

In testimony before the Cybersecurity and Infrastructure Subcommittee, Jeanette Manfra, acting undersecretary for cybersecurity at NPPD, told lawmakers that rebranding the agency was at the top of her legislative wish list. "It's very important for us," she said.

Lawmakers on the panel asked Manfra about the progress of DHS' Einstein, Continuous Diagnostics and Mitigation and information-sharing programs. 

DHS came in for only slight criticism on Einstein and CDM shortfalls during the hearing. Gregory Wilshusen, director, Information Security Issues at the Government Accountability Office, said Einstein was limited in its ability to detect intruder signatures that weren't on its list or hadn't been detected before. Its ability to analyze network data for trends as well as share information with agencies on cyber threats and incidents were also limited.

However, he said DHS had taken up the nine recommendations GAO made for improvements in Einstein's detection, notification, analytics and information-sharing capabilities.

IT modernization and protecting legacy IT at federal agencies are two top challenges for DHS going forward, Manfra said.

Acquisition reform, she said, could help with both.

"Acquisition reform is important," Manfra said, as traditional federal acquisition practices can blunt technology refreshes that bring new, more effective capabilities.

A faster capability to buy tech goods and services, she said, would help the agency keep up with galloping IT capabilities, as would a more flexible way to work with non-traditional contracts.

Leveraging government buying power across government, Wilshusen said, could also strengthen cybersecurity as it could lead to common, more interoperable solutions across agencies. "It's important for integration of the computing environment."

The panel was concerned, however, about DHS' indicator sharing program with private industry. Congress has been working to build DHS’s ability to work with commercial companies to exchange threat indicators.

Rep. James Langevin (D-R.I) told Manfra that DHS "needs to work harder on information sharing, including sharing context along with the indicators. Companies have complained that raw threat indicators don't provide them with enough information to take action.

Manfra said a year into the threat indicator sharing program, there are about 200 participants getting indicators from DHS. "We're looking to improve the program," she said, potentially providing scoring and context along with the indicator data. She said companies "understood that we're improving, but we still need to do more."

About the Author

Mark Rockwell is a senior staff writer at FCW, whose beat focuses on acquisition, the Department of Homeland Security and the Department of Energy.

Before joining FCW, Rockwell was Washington correspondent for Government Security News, where he covered all aspects of homeland security from IT to detection dogs and border security. Over the last 25 years in Washington as a reporter, editor and correspondent, he has covered an increasingly wide array of high-tech issues for publications like Communications Week, Internet Week, Fiber Optics News, magazine and Wireless Week.

Rockwell received a Jesse H. Neal Award for his work covering telecommunications issues, and is a graduate of James Madison University.

Click here for previous articles by Rockwell. Contact him at [email protected] or follow him on Twitter at @MRockwell4.


  • Workforce
    Shutterstock image 1658927440 By Deliris masks in office coronavirus covid19

    White House orders federal contractors vaccinated by Dec. 8

    New COVID-19 guidance directs federal contractors and subcontractors to make sure their employees are vaccinated — the latest in a series of new vaccine requirements the White House has been rolling out in recent weeks.

  • FCW Perspectives
    remote workers (elenabsl/

    Post-pandemic IT leadership

    The rush to maximum telework did more than showcase the importance of IT -- it also forced them to rethink their own operations.

Stay Connected