State and Local Cyber Protection Act of 2015by Representative Sheila Jackson Lee
Posted on 2015-12-10
JACKSON LEE. Mr. Speaker, I yield myself such time as I may
I rise in support of H.R. 3869, the State and Local Cyber Protection Act of 2015.
Let me first of all thank the gentleman from Texas for his leadership in working on this legislation, to again acknowledge our chairs--Mr. McCaul and Mr. Thompson--and also to acknowledge Mr. Ratcliffe and Mr. Richmond for their leadership on this issue.
Mr. Speaker, the threat of the cyber attack is growing, and the damage caused by those attacks, whether it is the theft of personally identifiable information or the disruption of operations, is becoming more costly.
FEMA has identified cybersecurity as an area for national improvement in its National Preparedness Report every year since it was first published in 2012. That finding is based, in large part, on State self- assessments reflecting a lack of confidence in cybersecurity capabilities. The threat posed by criminal and terrorist hackers continues to evolve even as State and local governments work to gain a stronger footing in the cybersecurity mission area.
Let me say that this country continues to grow, continues to increase its population, and continues to become dependent on the cybersecurity infrastructure. Helping to engage State and local entities by training is a crucial, crucial action, if I might applaud the gentleman, but also say it is a very important mission for both the Homeland Security Department and the Committee on Homeland Security. The Department of Homeland Security has resources and capabilities that, when shared with State and local governments, can help them step up their games.
H.R. 3869, the State and Local Cyber Protection Act of 2015, would codify ongoing efforts by instructing the National Cybersecurity and Communications Integration Center, the NCCIC, and the Department of Homeland Security to coordinate with State and local governments and to, upon request, provide assistance to secure their information systems.
Information systems run water entities in our communities. I remember visiting one that was up on the Web, if you will, that could be altered by a cyber attack. This legislation would codify DHS' ongoing coordination effort to give assurances to State and local governments that DHS stands ready to partner with them to protect their network.
Under this bill, DHS is authorized to assist State and local governments to deploy technology capable of diagnosing and mitigating against cyber threats and vulnerabilities.
H.R. 3869 authorizes DHS to provide training to State and local entities regarding integrating policies to protect privacy and civil liberties into their cybersecurity efforts.
It is increasingly important that all levels of government be capable of identifying information system vulnerabilities and of protecting them from unauthorized access, disclosure, and disruption of data.
I will say to the gentleman from Texas (Mr. Hurd) that we have always, as a committee, been reminded of privacy and civil liberties issues while also protecting the American people. To build that capability, the Federal Government has a role to play in assisting State and local entities by providing both technical training on cybersecurity and guidance on potential privacy and civil liberties implications.
Mr. Speaker, many stakeholders throughout the country have told us this bill is a vital, much-needed step in advancing national cybersecurity capabilities.
I urge all of my colleagues to support H.R. 3869.
Mr. Speaker, I support H.R. 3869, the State and Local Cyber Protection Act.
As a Senior Member of the Homeland Security Committee, and Ranking Member of the House Judiciary Committee's Subcommittee on Crime, Terrorism, Homeland Security and Investigations I am well aware of the terrorism and criminal risks to our nation's critical infrastructure, civilian and privacy computer networks.
For this reason, I introduced H.R. 85, the Terrorism Prevention and Critical Infrastructure Protection Act, which directs the Secretary of Homeland Security to work with critical infrastructure owners and operators and state, local, and territorial to take proactive steps to address All Hazards that would impact: national security; economic stability; public health and safety; and/or any combination of these.
This nation is presented with new challenges in confronting threats to our national security, and cybersecurity.
Critical infrastructure remains an essential area that must receive the needed attention to protect it against all threats and all-hazards.
[[Page H9257]] Post-9/11 established the need to anticipate unexpected threats from a variety of sources. The nation must plan to be a step ahead of our enemies in order to effectively detect, deter, and defend against terrorist attacks in whatever form they may arise, including cyberattacks to our nation's critical infrastructure.
It is for these reasons that I proposed H.R. 85, the Terrorism Prevention and Critical Infrastructure Protection Act of 2015. This bill should it become law would greatly assist in our nation's ability to protect critical infrastructure from the worse effects of cyber- attacks.
The nation must be adequately prepared to fight cyber terrorism just as vigorously as we combat other form of terrorism carried out through physical violence. We can be prepared to meet and defeat cyber terrorism threats with legislative efforts like H.R. 85, which would offer tools to effectively address terrorist attacks against critical infrastructure.
The Terrorism Prevention and Critical Infrastructure Protection Act directs the Secretary of Homeland Security (DHS) to: (1) better engage critical infrastructure owners and operators as volunteers for the purpose of coordination of communication among state, local, tribal, and territorial entities for the purpose of taking proactive steps to manage risk and strengthen the security and resilience of the nation's critical infrastructure against terrorist attacks; (2) establish terrorism prevention policy to engage with international partners to strengthen the security and resilience of domestic critical infrastructure and critical infrastructure located outside of the United States; (3) make available research findings and guidance to federal civilian agencies for the identification, prioritization, assessment, remediation, and security of their internal critical infrastructure to assist in the prevention, mediation, and recovery from terrorism events.
The bill sets forth the terrorism protection responsibilities of the Department of Homeland Security as it relates to the Department's responsibility to protection and defends civilian agencies and private sector networks from cyber-attacks.
H.R. 85, Terrorism Prevention and Critical Infrastructure Protection Act also provides guidance to the Secretary of Homeland Security regarding actions to be taken to: (1) facilitate the timely exchange of terrorism threat and vulnerability information as well as information that allows for the development of a situational awareness capability for federal civilian agencies during terrorist incidents; (2) implement an integration and analysis function for critical infrastructure that includes operational and strategic analysis on terrorism incidents, threats, and emerging risks; and (3) support greater terrorism cyber security information sharing by civilian federal agencies with the private sector that protects constitutional privacy and civil liberties rights.
Finally the bill directs the National Research Council to evaluate how well DHS is meeting the objectives of this Act.
I thank Chairman McCaul and Ranking Member Thompson for their support and collaboration in working with me to improve the bill for consideration by the Full Committee and ultimately the House of Representatives as we work to ensure safety, security, resiliency, trustworthiness of vital critical infrastructure networks, while at the same time ensuring that data used for this purpose does not undermine the privacy and civil liberties of Americans.
Mr. Speaker, I reserve the balance of my time.