The point office on cybersecurity in the Department of Homeland Security is on track for a rebrand. The Senate on Wednesday passed the Cybersecurity and Infrastructure Security Agency Act, which would both codify the office into law and give it a more relevant name.
Under the bill, DHS’s National Protection and Programs Directorate (NPPD) would become the Cybersecurity and Infrastructure Security Agency (CISA). DHS established the NPPD in 2007; the legislation is essentially Congress’ official seal of approval. The House is expected to hold a final vote soon, sending the bill to President Donald Trump.
NPPD leads the U.S. government’s efforts to secure federal networks and critical infrastructure. The office has also been spearheading the federal government’s election security efforts since the threats that became apparent in 2016. The office coordinates with state and local election offices on information sharing and cybersecurity best practices.
“It is ridiculous that DHS needs an act of Congress to rename and reorganize an agency wholly within its jurisdiction. Nevertheless, I am glad the Senate passed the CISA bill to help the agency recruit talent and focus its efforts on protecting the homeland from cyber-attacks,” said Ron Johnson, R-Wis., who chairs the Senate Homeland Security Committee, in a statement.
The CISA Act, sponsored by House Homeland Security Committee Chairman Mike McCaul, R-Texas, passed in that chamber late in 2017. This week’s action in the Senate requires one more pass through the House because senators made some minor amendments.
“This much needed measure breaks down another barrier to cybersecurity coordination by renaming and reorganizing the cyber division in the Department of Homeland Security so it can operate efficiently and effectively to secure our systems,” said Claire McCaskill, D-Mo., ranking member of Senate Homeland Security.
NPPD is currently headed by Undersecretary Chris Krebs. If the office becomes CISA, he will be its director.
Thank you to @SenRonJohnson, @clairecmc and the rest of the Senate for voting to create the first cybersecurity agency in the fed gov’t. Perfect timing as Oct. is #CyberMonth2018. This will go a long way in our ability to defend the nation against #cyber threats.
— Chris Krebs (@nppd_krebs) October 3, 2018
Krebs, along with DHS Secretary Kirstjen Nielsen, have voiced support for the the CISA Act in hopes that it will cement the office’s role, which is increasingly seen as critical.
“The opportunity to finally enact CISA into law could not come at a more critical moment for our country’s cybersecurity posture. Heightened aggression from cyber adversaries—including hostile nation states—is only accelerating in volume and sophistication,” Nielsen said at a September DHS summit. “Let me be clear: we need CISA urgently.”
I urge the House to take this bill up as soon as they return to Washington, and to establish the agency we need to protect our homeland against @cyber threats. Our digital enemies aren’t waiting on the sidelines and neither can we. #CyberAware
— Sec. Kirstjen Nielsen (@SecNielsen) October 4, 2018