WASHINGTON -- The chairman of the U.S. House Committee on Homeland Security said Wednesday his top priority in 2017 will be to push for creation of a cybersecurity agency within the Department of Homeland Security.
[To comment on this story, visit Computerworld's Facebook page.]
“DHS needs focus and resources, and they are doing a decent job, but could be doing a lot better with the help of Congress,” said U.S. Rep. Michael McCaul (R-Texas) in comments to reporters at the National Press Club. “It’s not a Republican or Democratic issue.”
McCaul said one vital role for the DHS in the future would be to provide cyber assistance on national elections that are under the management of the states.
DHS Secretary Jeh Johnson on Friday called for designating the nation’s election infrastructure as a “critical infrastructure,” given the vital role elections play in the country. Johnson emphasized that the designation does not mean there would be a federal takeover or intrusion into elections.
Well before Johnson’s statement was issued, election officials in several states had reached out to federal authorities prior to the November election for cybersecurity assistance. Many states disconnected their voting machines from the internet as a defense, according to Emma Garrison-Alexander, a vice dean in the cybersecurity program at the University of Maryland University College. She is a former CIO for the Transportation Security Administration.
Given the influence of Russian hackers in the 2016 presidential election and China’s hack of the Office of Personnel Management, McCaul said, “there’s no greater attack than that to our democracy.” McCaul said he agreed with many Republicans that the Russian hacks “really had no impact on the outcome of the election, but it is a dangerous precedent.”
McCaul said he has urged President-elect Donald Trump to “call out Russia for bad behavior” and said the U.S. needs to make some kind of equivalent response.
More generally, McCaul said the DHS – as a civilian agency — needs to work more urgently to assist the private sector in defending the nation’s critical infrastructure, including communications, the electric grid and nuclear energy.
“Eighty percent of the malicious codes are in the private sector,” McCaul said. “We need the civilian agency to work with the private sector, but it also needs to defend itself. The private sector has responsibility.”
McCaul also said that he preferred using a civilian agency over having the military defend private infrastructure from cyberattacks.
“More members of Congress realize this [critical infrastructure protection] is an issue,” he added. “Oversight of DHS will be more important. I want to reauthorize DHS and include a lead cybersecurity agency in the department. Right now we don’t have the priority and focus to defend the nation. By creating this primary agency, DHS will have greater capability.”