Lawmakers to Introduce Measure to Expand DHS Cyber Monitoring Program
A bipartisan bill which will be introduced in the House this week seeks to codify the Department of Homeland Security’s (DHS) Continuous Diagnostics Mitigation (CDM) program into law and expand the program to additional agencies on the federal, state, and local level. The legislation matches legislation introduced in the Senate in July.
The CDM program offers agencies across the federal government access to cyber tools, dashboards, and services. The tools accessed by agencies feed network data back to a central dashboard, allowing both agencies and DHS officials to achieve a “bird’s-eye view” of the government’s cyber landscape. The program was launched by the DHS in 2013.
Lawmakers John Ratcliffe (R-TX) and Ro Khanna (D-CA) in the House and John Cornyn (R-TX) and Maggie Hassan (D-NH) in the Senate hope to make the system easier for federal agencies to use and expand the system to state and local governments as well.
“Our government must have the necessary tools to protect Americans against the massive cybersecurity threats of the 21st century,” Representative Khanna said in a joint press release. “The technology is there: we just have to ensure our agencies have the necessary tools to defend against hackers and cyberthreats. A strong CDM program will be instrumental in that effort.”
The Advancing Cybersecurity Diagnostics and Mitigation Act:
Codifies the work of the CDM program to date;
Requires the Secretary to make CDM capabilities available and develop policies for reporting cyber risks and incidents based upon data collected under CDM;
Directs the Secretary to deploy new CDM technologies to continuously evolve the program;
Requires the Secretary to make the CDM program capabilities available for use to civilian departments and agencies, and State, local, and tribal governments; and
Mandates that DHS develop a strategy to ensure the program continues to adjust to the cyber threat landscape.
The legislation comes as ransomware attacks in Louisiana and Texas stoked concerns regarding state capabilities to combat cyber threats.
“As we saw just recently in a ransomware attack on Stafford County in my home state of New Hampshire, cyberattacks pose a real and growing threat to our national security, from our local nursing homes to our federal agencies,” Senator Hassan said in the release. “I'm pleased that the House of Representatives is introducing their version of this critical bill, and I look forward to continuing to work on a bipartisan basis across the House and Senate to move this bill forward. With constantly evolving threats, it's critical that the Department of Homeland Security enhances its efforts to monitor and address cybersecurity vulnerabilities as they arise, and importantly, ensures that these resources are available to state and local governments across the country.”