By Maggie Miller
House Minority Leader Nancy Pelosi (D-CA) appointed Rep. James Langevin (D-RI) to the newly created Cyberspace Solarium Commission on Tuesday, while the House passed four cyber-related bills including one to create a vulnerability disclosure program at the Department of Homeland Security.
Pelosi named Langevin and former Rep. Patrick Murphy (D-PA) to the commission, created under the 2019 National Defense Authorization Act. The House minority leader is required to appoint two members of the Commission, one of whom must not be a current member of the House.
“Cyberspace is the future, and will grow even more important to driving American leadership and innovation in the years to come,” Pelosi said in a statement. “Guided by Rep. Langevin and former Rep. Murphy, this Commission will be a vital tool in keeping America safe, strong and free.”
Langevin, the co-founder and co-chair of the Congressional Cybersecurity Caucus, said in a statement he was “honored” to be appointed, and called for the commission to develop a “strategic framework” for international cyber “stability.”
“It is imperative that we use the opportunity afforded by the Solarium Commission to develop a strategic framework that encompasses these challenges and ensures the United States continues to benefit from global cyber stability,” Langevin said. “It is my expectation that such a strategy will encompass all elements of national power – economic, diplomatic and military – and help contextualize cyber in the broader national and economic security discussion.”
The Speaker of the House is designated to appoint three members, with the Senate majority leader to designate three, and the Senate minority leader to pick two members. Other members of the commission automatically include the FBI director, the deputy secretaries of the departments of Defense and Homeland Security, and the principal deputy director of National Intelligence.
The commission is charged with developing a “strategic approach” to defend the U.S. in cyberspace against “cyber attacks of significant consequences.”
Bills move in House
On Tuesday, the House approved four cybersecurity bills, including H.R. 6735, the Public-Private Cybersecurity Cooperation Act. The bill sponsored by House Majority Leader Kevin McCarthy (R-CA) directs the DHS secretary to establish a “vulnerability disclosure policy” for DHS internet sites within 90 days of the legislation being signed into law.
The House Homeland Security Committee approved the bill earlier this month, and Chairman Michael McCaul (R-TX) spoke on the floor in favor of passage, saying it would give a “legal avenue” to allow researchers from the private sector to identify cyber flaws in DHS’ systems.
“Between 2011 and 2013, Iranian hackers attacked dozens of American banks and even tried to shut down a dam in New York,” McCaul said. “In 2014, Chinese hackers stole over 22.5 million security clearances, including my own, from the Office of Personnel Management. In 2016, Russia meddled in our Presidential election, and because we use computer networks in our personal and professional lives, almost everyone is a target. With each passing day, cyber threats continue to grow. But the government cannot face these threats alone. We need help from the private sector.”
McCaul also spoke in favor of another bill passed Tuesday, H.R. 6620, the Protecting Critical Infrastructure Against Drones and Emerging Threats Act, sponsored by Homeland Security cyber subcommittee ranking member Cedric Richmond (D-LA). This bill would require DHS to prepare a threat assessment related to unmanned aircraft systems, and was previously approved by the House Homeland Security Committee.
“The threats we face from drones are constantly evolving as the technology becomes more accessible across the globe,” McCaul said on H.R. 6620. “We need to do more to confront these dangers.”
The House passed two more bills: H.R. 5433, the Hack Your State Department Act, sponsored by Rep. Ted Lieu (D-CA), to establish a “bug bounty” program at the State Department; and H.R. 6229, the National Institute of Standards and Technology Reauthorization Act, sponsored by Rep. Barbara Comstock (R-VA), which supports cyber programs at NIST.