Committee Hearings Week of 9-25-22

This week with both the House and Senate in session (and the FY spending deadline approaching quickly), there is a relatively light hearing schedule, particularly on the House side of the Hill. We do have a markup hearing of interest, and a hearings on UAS integration.

Homeland Security Markup

The Senate Homeland Security and Governmental Affairs Committee will be holding a business meeting today. It will include nine nomination votes, 22 pieces of legislation and four facility naming bills. Of particular interest here:

S ___, Strengthening Agency Management and Oversight of Software Assets Act of 2022,

S 4913, Securing Open Source Software Act of 2022,

S 4882, Fire Grants and Safety Act,

S ___, Protecting the Border from Unmanned Aircraft Systems Act,

HR 7777, Industrial Control Systems Cybersecurity Training Act,

HR 6824, President’s Cup Cybersecurity Competition Act, and

HR 6873, Bombing Prevention Act of 2022

UAS Integration

The Subcommittee on Aviation Safety, Operations and Innovation of the Senate Commerce, Science, and Transportation Committee will be holding a hearing on “FAA Reauthorization: Integrating New Entrants into the National Airspace System”. The witness list includes:

• Lisa Ellman, Commercial Drone Alliance,

• Gregory Davis, Eviation,

• Stephen P. “Lux” Luxion, FAA Center of Excellence for Unmanned Aircraft Systems (ASSURE),

• Stéphane Fymat, Honeywell Aerospace, and

• Edward M. Bolen, National Business Aviation Association

Counter drone operations may come up in the discussion.

On the Floor

The 900-lb gorilla this week is the spending bill, or rather a continuing resolution that ‘must’ pass by midnight on Friday. A weekend final vote is not beyond possible.

The House is scheduled to take up 32 bills in this short week under the suspension of the rules process. With spending bill pending, we can expect Republican bomb throwers to demand votes on many if not most of these bills, just to gum up the process. Bills of potential interest here include:

• S 4900 – SBIR and STTR Extension Act of 2022,

• HR 8956 – FedRAMP,

HR 6824 Reported in House – Cybersecurity Competition

While the House passed HR 6824 earlier this week, the Committee Report for the bill was not publicly available until after the vote was held. The Report makes the point (pgs 3-4) that the ‘President’s Cup Cybersecurity Competition’ that would be authorized by the bill have actually been held since 2019. The report concludes that discussion by saying:

“H.R. 6824 will specifically authorize the President’s Cup Cybersecurity Competition in law in a manner that provides CISA with needed authority to award cash prizes to the winners to reward their demonstrated cybersecurity skills, which can act as an important retention tool. Codifying the President’s Cup will demonstrate that both Congress is committed to addressing Federal cybersecurity recruitment and retention challenges and values the Federal cyber workforce.”

That is, perhaps, a more positive spin than I normally put on congressional efforts to authorize activities already being undertaken by the Executive Branch. In this case, I will give them credit for the effort and intent publicly stated, since they did give CISA credit for the origination of the program.

HR 6824 Passed in House – Cybersecurity Competition

Today, the House took up HR 6824, the President’s Cup Cybersecurity Competition Act. The bill was considered under the suspension of the rules process. There was limited debate of the bill this afternoon and a recorded vote was requested. This evening, the House voted 386 to 31 to pass the bill.

The way this bill is set up we could see multiple Department wide competitions or a single government wide competition. Or not competitions, if CISA decides it is just not worth the effort. In any case, if this bill passes, Congress gets credit for doing something for cybersecurity, even if no one holds a single competition.

For more details about the provisions of the bill, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/hr-6824-introduced - subscription required.

Committee Hearings – Week of 5-15-22

This week, with both the House and Senate in session, there is a very active hearing schedule on both sides of the Hill. FY 2023 budget hearing continue, including Member Day hearings (where congresscritters not on the Appropriations Committee have a chance to plead for their favorite projects). We also have two cybersecurity markups, a health and education cybersecurity hearing, and an emergency response hearing.

Cybersecurity Markups

On Tuesday, the House Science, Space, and Technology Committee will hold a business meeting to consider four pieces of legislation. It will include:

• HR 7569, the Energy Cybersecurity University Leadership Act of 2022.

On Wednesday, the Senate Small Business Committee, will hold a business meeting to consider five bills. It will include:

• S 1687, the Small Business Cyber Training Act of 2021

NOTE: I have not followed this bill closely because it deals with cybersecurity training for employees of Small Business Development Center, not small businesses.

Cybersecurity Hearings

On Wednesday the Senate Health, Education, Labor and Pensions Committee will hold a hearing on “Cybersecurity in the Health and Education Sectors”. The witness list includes:

• Denise Anderson, Health Information Sharing and Analysis Center,

• Joshua Corman, I Am the Cavalry,

• Amy McLaughlin, Consortium of School Networking, and

• Helen Norris, Chapman University

I do not think that there will be any in depth discussion about medical device cybersecurity issues, but I could be wrong with Corman as a witness.

Emergency Response

On Tuesday, the Emergency Preparedness, Response, and Recovery Subcommittee of the House Homeland Security Committee will hold a hearing on “Creating a More Resilient Nation: Stakeholder Perspectives”. The witness list will include:

• Chris Currie, GAO,

• Orlando Rolón, Chief of Police, City of Orlando, and

• George Dunlap, Mecklenburg County Commission

I do not think that there will be any specific discussion about response planning for chemical incidents.

On the Floor

There are five cybersecurity bills scheduled for consideration in the House this week under the suspension of the rules process. They include:

HR 5658 – DHS Roles and Responsibilities in Cyber Space Act, as amended,

HR 6824 – President’s Cup Cybersecurity Competition Act, as amended,

HR 6825 – Nonprofit Security Grant Program Improvement Act of 2022, as amended,

HR 6868 – Cybersecurity Grants for Schools Act of 2022, as amended, and

S 2520 – State and Local Government Cybersecurity Act of 2021,

Review - HR 6824 Introduced – Cybersecurity Competition

Last week, Rep Luria (D,VA) introduced HR 6824, the President’s Cup Cybersecurity Competition Act. The bill would allow CISA “to hold an annual cybersecurity competition to be known as the ‘Department of Homeland Security Cybersecurity and Infrastructure Security Agency’s President’s Cup Cybersecurity Competition’” {§2(a)} across offensive and defensive cybersecurity disciplines. No new monies are being authorized to support this competition.

Moving Forward

As I mentioned this morning, the House Homeland Security Committee will take up this bill on Wednesday. As of 9:30 pm EST today, there are no amendments proposed for this bill. I see nothing that would draw any organized opposition to the bill. I suspect that it will be adopted by the Committee with significant bipartisan support. This bill could be considered by the Full House later in March.

Commentary

The way this bill is set up we could see multiple Department wide competitions or a single government wide competition. Or not competitions, if CISA decides it is just not worth the effort. In any case, if this bill passes, Congress gets credit for doing something for cybersecurity, even if no one holds a single competition.

Committee Hearings – Week of 2-27-22

This week with both the House and Senate returning to Washington, there is a pretty routine number of Committee hearings currently scheduled. They include a hearing on DOE related bills in the Senate and a markup hearing in the House that includes cybersecurity measures.

DOE Hearing

Tomorrow, the Senate Energy and Natural Resources Committee will conduct a hearing on pending legislation. They list seven DOE related bills that about which they will receive testimony. The witness list is currently limited to Geraldine Richmond, DOE. One of the bills touches on responsibilities for cybersecurity incident response at DOE, S 2302.

Cybersecurity Markup

On Wednesday, the House Homeland Security Committee will hold a markup hearing looking at 12 pieces of legislation. There are three bills that may be of interest here, two were introduced last Friday and one will be introduced this week, probably today.

HR 6824, “President’s Cup Cybersecurity Competition Act” [PDF]

HR 6825, "Nonprofit Security Grant Program Improvement Act of 2022" [PDF]

HR____, "Cybersecurity Grants for Schools Act of 2022" [PDF]

I have not yet had a chance to do a detailed review of any of these bills since they have not been published by the GPO. I will be looking at the Committee drafts (links provided above) for the bills before Wednesday.

Bills Introduced – 2-25-22

Yesterday, with the House meeting in pro forma session, there were 40 bills introduced. Two of those bills may receive additional coverage in this blog:

HR 6824 To authorize the Cybersecurity and Infrastructure Security Agency of the Department of Homeland Security to hold an annual cybersecurity competition relating to offensive and defensive cybersecurity disciplines, and for other purposes. Rep. Luria, Elaine G. [D-VA-2]

HR 6825 To amend the Homeland Security Act of 2002 to enhance the funding and administration of the Nonprofit Security Grant Program of the Department of Homeland Security, and for other purposes. Rep. Thompson, Bennie G. [D-MS-2] 

I will be watching HR 6825 for language and definitions that would allow cybersecurity spending to be covered under the Nonprofit Security Grant Program.

I will be covering HR 6824.