[Pages H4367-H4369]
From the Congressional Record Online through the Government Publishing Office [www.gpo.gov]




             DHS CYBER INCIDENT RESPONSE TEAMS ACT OF 2019

  Miss RICE of New York. Mr. Speaker, I move to suspend the rules and 
pass the bill (H.R. 1158) to authorize cyber incident response teams at 
the Department of Homeland Security, and for other purposes, as 
amended.
  The Clerk read the title of the bill.
  The text of the bill is as follows:

                               H.R. 1158

       Be it enacted by the Senate and House of Representatives of 
     the United States of America in Congress assembled,

     SECTION 1. SHORT TITLE.

       This Act may be cited as the ``DHS Cyber Incident Response 
     Teams Act of 2019''.

     SEC. 2. DEPARTMENT OF HOMELAND SECURITY CYBER INCIDENT 
                   RESPONSE TEAMS.

       (a) In General.--Section 2209 of the Homeland Security Act 
     of 2002 (6 U.S.C. 148) is amended--
       (1) in subsection (d)(1)(B)(iv), by inserting ``, including 
     cybersecurity specialists'' after ``entities'';
       (2) by redesignating subsections (f) through (m) as 
     subsections (g) through (n), respectively;
       (3) by inserting after subsection (e) the following new 
     subsection (f):
       ``(f) Cyber Incident Response Teams.--
       ``(1) In general.--The Center shall maintain cyber hunt and 
     incident response teams for the purpose of providing, as 
     appropriate and upon request, assistance, including the 
     following:
       ``(A) Assistance to asset owners and operators in restoring 
     services following a cyber incident.
       ``(B) The identification of cybersecurity risk and 
     unauthorized cyber activity.
       ``(C) Mitigation strategies to prevent, deter, and protect 
     against cybersecurity risks.
       ``(D) Recommendations to asset owners and operators for 
     improving overall network and control systems security to 
     lower cybersecurity risks, and other recommendations, as 
     appropriate.
       ``(E) Such other capabilities as the Under Secretary 
     appointed under section 103(a)(1)(H) determines appropriate.
       ``(2) Cybersecurity specialists.--The Secretary may include 
     cybersecurity specialists from the private sector on cyber 
     hunt and incident response teams.
       ``(3) Associated metrics.--The Center shall continually 
     assess and evaluate the cyber incident response teams and 
     their operations using robust metrics.
       ``(4) Submittal of information to congress.--Upon the 
     conclusion of each of the first four fiscal years ending 
     after the date of the enactment of this subsection, the 
     Center shall submit to the Committee on Homeland Security of 
     the House of Representatives and the Homeland Security and 
     Governmental Affairs Committee of the Senate, information on 
     the metrics used for evaluation and assessment of the cyber 
     incident response teams and operations pursuant to paragraph 
     (3), including the resources and staffing of such cyber 
     incident response teams. Such information shall include each 
     of the following for the period covered by the report:
       ``(A) The total number of incident response requests 
     received.
       ``(B) The number of incident response tickets opened.
       ``(C) All interagency staffing of incident response teams.
       ``(D) The interagency collaborations established to support 
     incident response teams.''; and
       (4) in subsection (g), as redesignated by paragraph (2)--
       (A) in paragraph (1), by inserting ``, or any team or 
     activity of the Center,'' after ``Center''; and
       (B) in paragraph (2), by inserting ``, or any team or 
     activity of the Center,'' after ``Center''.
       (b) No Additional Funds Authorized.--No additional funds 
     are authorized to be appropriated to carry out the 
     requirements of this Act and the amendments made by this Act. 
     Such requirements shall be carried out using amounts 
     otherwise authorized to be appropriated.

  The SPEAKER pro tempore. Pursuant to the rule, the gentlewoman from 
New York (Miss Rice) and the gentleman from Texas (Mr. Crenshaw) each 
will control 20 minutes.
  The Chair recognizes the gentlewoman from New York.

[[Page H4368]]

  


                              {time}  1530


                             General Leave

  Miss RICE of New York. Mr. Speaker, I ask unanimous consent that all 
Members may have 5 legislative days to revise and extend their remarks 
and to include extraneous material on this measure.
  The SPEAKER pro tempore. Is there objection to the request of the 
gentlewoman from New York?
  There was no objection.
  Miss RICE of New York. Mr. Speaker, I yield myself such time as I may 
consume.
  Mr. Speaker, every day, hackers grow bolder, more sophisticated, and 
more ambitious. In 2016, the Russian Government carried out an 
unprecedented attack on our election infrastructure; and last year, the 
Department of Homeland Security and FBI revealed that the Russians were 
exploiting cyber tools to target critical infrastructure in our energy, 
water, aviation, and commercial sectors.
  Other foreign adversaries have taken note of Russia's activity and 
are similarly leveraging their cyber capabilities to advance their 
interests and undermine our own. We already know that Chinese actors 
have been targeting American companies and even our transportation 
systems with cutting-edge cyberattacks. In recent years, we have also 
seen an increase in Iranian cyberattacks on banks, businesses, and 
government agencies.
  Meanwhile, local governments across the country, from Atlanta to 
Baltimore to Albany, have been devastated by costly and disruptive 
ransomware attacks.
  The only way for us to effectively mitigate and respond to these 
attacks is by leveraging the full power and capabilities of the Federal 
Government.
  H.R. 1158, the DHS Cyber Incident Response Teams Act of 2019, would 
do just that by authorizing hunt and incident response teams.
  Housed within the Cybersecurity and Infrastructure Security Agency, 
these teams deploy to owners and operators of critical infrastructure 
after a cybersecurity incident. They provide intrusion analysis, 
identify malicious actors, analyze malicious tools, and provide 
mitigation assistance strategies. They are our boots on the ground in 
the event of a cybersecurity incident and are critical to improving the 
cybersecurity capabilities of critical infrastructure operators.
  Additionally, H.R. 1158 authorizes DHS to leverage private-sector 
capabilities to address these growing and evolving threats.
  It is important that DHS use every measure available to confront the 
changing landscape of cyber threats. Passing this bill, authored by our 
former chairman of the Homeland Security Committee,  Mike McCaul, will 
help us accomplish that mission.
  Mr. Speaker, I urge my House colleagues to support this legislation, 
and I reserve the balance of my time.
  Mr. CRENSHAW. Mr. Speaker, I yield myself such time as I may consume.
  I rise today in support of H.R. 1158, the DHS Cyber Incident Response 
Teams Act of 2019.
  H.R. 1158 authorizes cyber hunt and incident response teams to assist 
operators, free of cost, to identify unauthorized cyber activity while 
promoting the proper strategies to deter future threats.
  This legislation helps us stay vigilant in our efforts to respond to 
cyber incidents in both the public and private sectors as threats to 
our digital networks continue to evolve.
  I support this important bill, introduced by my colleague, Ranking 
Member McCaul, and I commend him for his leadership on this issue. I 
urge all Members to support this bill.
  Mr. Speaker, I reserve the balance of my time.
  Miss RICE of New York. Mr. Speaker, I have no more speakers, and I am 
prepared to close after the gentleman from Texas closes.
  I reserve the balance of my time.
  Mr. CRENSHAW. Mr. Speaker, I yield 5 minutes to the gentleman from 
Texas (Mr. McCaul).
  Mr. McCAUL. Mr. Speaker, I rise today in support of my bill, H.R. 
1158, the DHS Cyber Incident Response Teams Act of 2019. I want to 
thank the gentleman from Texas for managing this on the floor. I want 
to thank the gentlewoman from New York for her comments.
  Every day, we are facing threats from Russia, China, Iran, North 
Korea, and other malicious actors trying to hit not only our Federal 
Government networks, but our private sector.
  During my time as chairman of the House Homeland Security Committee, 
I prioritized ensuring that our Nation had the capacity to respond to 
cyber threats and protect our critical infrastructure. I am proud to 
say that we have made important strides in recent years, including 
standing up the Cybersecurity and Infrastructure Security Agency within 
DHS.
  However, we must press forward with innovative solutions to respond 
to a constantly changing threat landscape. To that end, my bill 
authorizes CISA's ability to maintain cyber incident response teams to 
assist against cyberattacks on the government and private sector. These 
teams not only help respond to cyberattacks, but also help mitigate the 
potential destruction they cause and restore damaged networks after.
  Additionally, my bill allows for leading industry specialists to 
serve on these teams with the government and DHS to provide outside 
expertise. It really provides a force multiplier, and I think it is a 
very important step forward in the right direction. It ensures that we 
have the best and brightest from both the public and private sector 
working in unison to secure our critical infrastructure and vital 
national networks.
  These response teams are a force multiplier, enhancing our 
cybersecurity workforce and helping protect our interconnected world. 
This bill is critical to keeping our digital networks and 
communications systems resilient and protected.
  I would like to also thank Congressmen Langevin, Ratcliffe, 
Ruppersberger, and Katko for joining me in introducing this bill.
  This bill actually passed the House last Congress, and I sure hope we 
can get it passed by the Senate and signed into law, because it is 
urgently needed by the Department to protect the United States from 
these critical cyberattacks.

  Mr. Speaker, I urge support of this legislation.
  Mr. CRENSHAW. Mr. Speaker, I urge adoption of the bill, and I yield 
back the balance of my time.
  Miss RICE of New York. Mr. Speaker, I yield myself such time as I may 
consume.
  It is hard to predict the future, but there is one thing I know: Our 
adversaries will continue to hone their hacking capabilities to advance 
their interests and undermine ours.
  Critical infrastructure owners and operators must have access to the 
incident response capabilities necessary to protect their networks. 
H.R. 1158, which was approved unanimously in committee, will help 
ensure that DHS can continue to partner effectively with the private 
sector to protect critical infrastructure.
  Before I close, I would like to note that a version of this bill 
passed the House by a voice vote in the 115th Congress. I urge my 
colleagues to support H.R. 1158.
  Mr. Speaker, I yield back the balance of my time.
  Ms. JACKSON LEE. Mr. Speaker, I rise in strong support of H.R. 1158, 
``DHS Cyber Incident Response Teams Act of 2019.''
  H.R. 1158 codifies DHS' National Cybersecurity and Communications 
Coordination Center (NCCIC) Hunt and Incident Response Teams which the 
Department currently deploys to provide intrusion analysis, identify 
malicious actors, analyze malicious tools, and provide mitigation 
assistance to entities requesting assistance after a cybersecurity 
incident.
  H.R. 1158 also requires the NCCIC to submit information to Congress 
regarding metrics for the teams, at the end of the first four years 
after enactment.
  In 2017, a malware named NotPetya was released from the hacked 
servers of a Ukrainian software firm servicing a management program 
used by some of world's largest corporations, causing an estimated $10 
billion in damage.
  When this bill passes, it will assess and mitigate situations of 
cyberterrorism that undermine our nation's security and civil liberties 
such as our national elections.
  Cyber threats are becoming more sophisticated every day.

[[Page H4369]]

  Due to the vulnerability of corporations' operations, we need 
extensive measures to identify, analyze, and alleviate threats of 
cyberattacks.
  Affected asset owners and operators will receive critical information 
to improve their overall network and control systems security to lower 
cybersecurity risks, and other recommendations.
  Mr. Speaker, I urge my colleagues to join me in supporting H.R. 1158 
to protect our nation from malicious attempts of cyberterrorism that 
strategically weaken our democracy.
  The SPEAKER pro tempore. The question is on the motion offered by the 
gentlewoman from New York (Miss Rice) that the House suspend the rules 
and pass the bill, H.R. 1158, as amended.
  The question was taken; and (two-thirds being in the affirmative) the 
rules were suspended and the bill, as amended, was passed.
  A motion to reconsider was laid on the table.

                          ____________________