Cybersecurity would be top priority if House GOP wins midterm elections, lawmaker says
After the Nov. 8 midterm elections, it’s possible that Republicans will take control of both the House and the Senate. But with cybersecurity long being one of the more bipartisan issues in Congress, the impact of Republican majorities in one or both chambers may be minimal.
Nonetheless, there are some concerns that Republicans will follow the lead of former President Donald Trump, who at times downplayed cyberthreats from Russia and other countries.
HOW SPYWARE HIDES IN APPS ALREADY ON YOUR PHONE
“U.S. cybersecurity went backward during the Trump administration, with particular concerns raised around the way Trump failed to punish adversaries, including Russia, for belligerent cyberattacks against U.S. targets,” said Peter Strahan, the founder and CEO of Lantech, an Ireland-based managed security provider.
“Trumpian rhetoric also largely downplayed the significance of these attacks,” Strahan told the Washington Examiner.
While some Republicans continue to say cybersecurity is a top priority, “there is a significant wing of the Republican Party that actively downplays the threat posed by cyberattacks from Russia and China,” Strahan said. “This is worrying at a time when the U.S and its allies are engaged in what can only be described as a new cold war with Russia, and to an extent China, with cyberattacks one of the top asymmetrical warfare tools in their arsenal.”
But cybersecurity would continue to be a top priority under Republican leadership, countered Rep. Andrew Garbarino (R-NY).
“Cybersecurity is national security,” Garbarino told the Washington Examiner. “The current threat landscape requires a posture of vigilance which is why we must secure our cyber borders just as we must secure our physical borders.”
Both parties in Congress have worked together to build up the capabilities of the Cybersecurity and Infrastructure Security Agency, added Garbarino, the ranking Republican on the cybersecurity subcommittee of the House Homeland Security Committee.
However, Republicans may focus more on oversight and on “ensuring that CISA has the structure in place to execute its responsibilities effectively and in the manner in which Congress intended,” he said.
In addition, Republicans will focus on cybersecurity workforce development and on filling the estimated 700,000 open cybersecurity jobs in the United States, he added. They will also explore new layers of protection, such as federal cyberattack insurance coverage, modeled after the 2002 Terrorism Risk Insurance Act, he said.
Cybersecurity legislation is handled by a handful of committees and subcommittees in Congress.
In the Senate, cybersecurity legislation often goes through the Homeland Security and Government Affairs Committee or the cybersecurity subcommittee of the Senate Commerce, Science, and Transportation Committee.
Sen. Ron Johnson (R-WI) would likely take over the chairmanship of the Senate Homeland Security Committee if he wins reelection and Republicans gain the majority. Sen. Marsha Blackburn (R-TN) would likely become the chairwoman of the cybersecurity subcommittee in a GOP majority.
In the House, cybersecurity bills often originate in the cybersecurity subcommittee of the Homeland Security Committee and the Energy and Commerce Committee.
Garbarino would likely become the chairman of the cybersecurity subcommittee in a Republican-majority House. And Rep. Cathy McMorris Rodgers (R-WA) would likely become the chairwoman of the Energy and Commerce Committee.
During the 117th Congress, only a handful of cybersecurity bills have become law.
One of the most significant is the State and Local Government Cybersecurity Act, sponsored by Sen. Gary Peters (D-MI). It encourages collaboration between the Department of Homeland Security and state and local governments, as well as corporations and other organizations.
The law expands DHS responsibilities through grants and cooperative agreements, tasking DHS with providing a wide range of assistance to organizations to defend against cyberattacks.
While progress is often made in cybersecurity through regulations such as HIPAA, the European Union’s General Data Protection Regulation, and state privacy laws, Congress doesn’t seem to have the appetite to pass new major cybersecurity legislation, said Chris Clymer, the chief information security officer of Inversion6, a cybersecurity risk management provider.
As a result, there is a patchwork of state laws in place, with tracking and complying with state privacy and cybersecurity laws becoming a “cottage industry,” Clymer told the Washington Examiner.
“For the last decade, there has been chatter about the federal government establishing uniform data privacy and cybersecurity standards,” he said. “Several laws have been proposed by individuals on both sides of the aisle. And none have passed.”
CLICK HERE TO READ MORE FROM THE WASHINGTON EXAMINER
While cybersecurity is a nonpartisan issue, Clymer doesn’t have confidence Congress will take a major step forward.
“Both parties have made rumbles, and both have agreed that it’s not a cause worth truly compromising with the other party to make real progress on,” he said. “There doesn’t appear to be much in the current climate in Washington that’s likely to change that situation regardless of who’s in charge, short of a major cyberattack by a nation-state that can’t be ignored.”
Gloss