115 HR 5074 RH: DHS Cyber Incident Response Teams Act of 2018 U.S. House of Representatives 2018-02-20 text/xml EN Pursuant to Title 17 Section 105 of the United States Code, this file is not subject to copyright protection and is in the public domain.

IB Union Calendar No. 463 115th CONGRESS2d Session H. R. 5074 [Report No. 115–607] IN THE HOUSE OF REPRESENTATIVES February 20, 2018 Mr. McCaul (for himself, Mr. Ratcliffe, Mr. Donovan, Mr. Gallagher, Mr. Fitzpatrick, and Mr. Bacon) introduced the following bill; which was referred to the Committee on Homeland Security March 19, 2018Additional sponsors: Mr. Katko and Mr. Higgins of Louisiana March 19, 2018 Committed to the Committee of the Whole House on the State of the Union and ordered to be printed A BILL To authorize cyber incident response teams at the Department of Homeland Security, and for other purposes.

1.

Short title

This Act may be cited as the DHS Cyber Incident Response Teams Act of 2018.

2.

Department of Homeland Security cyber incident response teams

(a)

In general

Section 227 of the Homeland Security Act of 2002 (6 U.S.C. 148) is amended— (1)in subsection (d)(1)(B)(iv), by inserting , including cybersecurity specialists after entities; (2)by redesignating subsections (f) through (m) as subsections (g) through (n), respectively; and (3)by inserting after subsection (d) the following new subsection (f): (f)

Cyber incident response teams

(1)

In general

The Center shall maintain cyber hunt and incident response teams for the purpose of providing, as appropriate and upon request, assistance, including the following: (A)Assistance to asset owners and operators in restoring services following a cyber incident. (B)The identification of cybersecurity risk and unauthorized cyber activity. (C)Mitigation strategies to prevent, deter, and protect against cybersecurity risks. (D)Recommendations to asset owners and operators for improving overall network and control systems security to lower cybersecurity risks, and other recommendations, as appropriate. (E)Such other capabilities as the Under Secretary appointed under section 103(a)(1)(H) determines appropriate. (2)

Cybersecurity specialists

The Secretary may include cybersecurity specialists from the private sector on cyber hunt and incident response teams. (3)

Associated metrics

The Center shall continually assess and evaluate the cyber incident response teams and their operations using robust metrics. (4)

Submittal of information to Congress

Upon the conclusion of each of the first four fiscal years ending after the date of the enactment of this subsection, the Center shall submit to the Committee on Homeland Security of the House of Representatives and the Homeland Security and Governmental Affairs Committee of the Senate, information on the metrics used for evaluation and assessment of the cyber incident response teams and operations pursuant to paragraph (3), including the resources and staffing of such cyber incident response teams. Such information shall include each of the following for the period covered by the report: (A)The total number of incident response requests received. (B)The number of incident response tickets opened. (C)All interagency staffing of incident response teams. (D)The interagency collaborations established to support incident response teams. ; and (4)in subsection (g), as redesignated by paragraph (2)— (A)in paragraph (1), by inserting , or any team or activity of the Center, after Center; and (B)in paragraph (2), by inserting , or any team or activity of the Center, after Center. (b)

No additional funds authorized

No additional funds are authorized to be appropriated to carry out the requirements of this Act and the amendments made by this Act. Such requirements shall be carried out using amounts otherwise authorized to be appropriated.

March 19, 2018 Committed to the Committee of the Whole House on the State of the Union and ordered to be printed