Rep. Mark Green, R-Tenn., chairman of the House Homeland Security Committee, today pledged that his committee will conduct tough oversight of the Cybersecurity and Infrastructure Security Agency (CISA) to ensure that the agency “responsibly” carries out its mission without branching into excessive regulation.
The committee chairman’s remarks today track with the sentiment he expressed in early February that he wanted to strengthen CISA as an “information enabler rather than as a regulatory agency.”
In a recorded address to the ServiceNow Federal Forum event, Rep. Green said he wants the House Homeland Security Committee to “address the growing cyber threat in a thoughtful, bipartisan, and strategic fashion.”
“As you all know far too well, cyber threats are one of the greatest national security risks of our time,” he said. “We face these threats from criminal actors, of course, nation-state adversaries, targeting government and private entities alike, including our hospitals, schools, and financial systems.”
Rep. Green noted that the previous Congress approved legislation that adds to CISA’s mission and provided the agency with more money to execute its mission, leaving the current Congress to “ensure oversight” of the agency and its added authorities.
Those authorities, he said, “have the potential to elevate and bolster CISA with the Federal government infrastructure,” but added, “it’s imperative that the agency responsibly and purposefully implement them to ensure its success.”
He said the committee will tackle its oversight duties through a “robust schedule of hearings, briefings, academies, member site visits, and investigations,” adding, “in particular, CISA must be strengthened as an information enabling rather than a regulatory agency.”
“The Biden administration and others have talked about cyber as a team sport,” he said. “Therefore, building partnerships between government and industry is essential. A successful partnership will be based on mutual trust, not some expansive and duplicative regulation.”
“The key to building trust is employing harmonization across Federal agencies varying cybersecurity efforts,” the congressman said. “We must clarify Federal cybersecurity roles, responsibilities, and regulations to minimize confusion and redundancies across the government.”
On the horizon, Rep. Green noted that CISA’s Einstein program is up for reauthorization at the end of fiscal year 2023, and said he has been “encouraged” by “CISA’s efforts to rethink that program as we shift focus from perimeter security to endpoint detection and response capabilities.”
“CISA needs to increase visibility into the cybersecurity of Federal networks, starting with gaining greater fidelity of the assets the Federal government has, including all of our software assets,” Rep. Green said.
“Understanding the potential attack surface within the Federal government is crucial … we can’t defend what we can’t see,” he said. “I plan to work with CISA and my partners in Congress to identify the appropriate tools and reforms to improve CISA’s visibility across the Federal executive branch.”