New Cybersecurity Leaders in Congress
Tom Carper, Mike McCaul Moving Up to Key Chairmanships
The chairs of the committees that have jurisdiction over IT security serve as the point men or point women on cybersecurity matters in the U.S. Congress. In both houses, committee leadership changes mean new lawmakers will lead legislative initiatives on cybersecurity in the 113th Congress.
See Also: The Cybersecurity Swiss Army Knife for Info Guardians: ISO/IEC 27001
The most evident change will be in the Senate with the retirement of the chairman of the Homeland Security and Governmental Affairs Committee, Joseph Lieberman, ID-Conn., a longtime champion of IT and IT security reform in Congress [see Lieberman's Last Hurrah on Cybersecurity]. Lieberman's successor is expected to be Tom Carper, D-Del., who chaired the panel's subcommittee with IT security oversight and cosponsored with Lieberman the Cybersecurity Act of 2012, the bill that failed to muster the 60 votes to end a filibuster [see Senate, Again, Fails to Halt Filibuster].
Technically, Democratic leaders have yet to select the chairs of the 113th Congress' Senate committees, but Carper is in line to take over the Homeland Security and Governmental Affairs chairmanship. Carl Levin, D-Mich., would be the panel's new chairman based on seniority, but he's expected to remain as head of the Senate Armed Services Committee, and Senate tradition limits an individual senator to one committee chairmanship.
Panels' Differing Responsibilities
The Homeland Security and Governmental Affairs Committee approaches IT security from two basic perspectives: how the federal government governs its own cybersecurity (for instance, revising the Federal Information Security Management Act) and how the government works with the private sector to assure the protection of key privately owned networks. The panel also provides oversight to the activities at the Department of Homeland Security, where the Obama administration has placed much of the IT security governance responsibility for civilian, non-intelligence agencies. DHS also serves as a key contact point between the federal government and the private owners of the nation's critical IT systems.
In the House, those legislative and oversight responsibilities are divvied up between two panels: Oversight and Government Reform, which oversees government IT security governance, and Homeland Security, which handles legislation and matters involving DHS and the protection of the nation's critical infrastructure.The current chairman of the House Oversight and Government Reform Committee, Rep. Darrell Issa, R-Calif., will continue in that role. The Homeland Security Committee gets a new chairman, Rep., Michael McCaul, R-Texas. He replaces Rep. Peter King, R-N.Y. Unlike the Democrats, the Republicans have term limits on how long a member can serve as the chair and/or ranking member of a committee, and King's time is up. [Time also is up for Sen. Susan Collins, R-Maine, the current ranking member of the Senate Homeland Security and Governmental Affairs Committee and Cybersecurity Act cosponsor, who served as its chair when the GOP held a Senate majority].
McCaul, like Carper, isn't a cybersecurity novice. He cofounded with Rhode Island Democratic Rep. James Langevin the Congressional Cybersecurity Caucus and served as a co-chair of the Commission on Cybersecurity for the 44th Presidency, a public-private panel that developed and presented recommendations to President Obama to secure cyberspace.
New Chairmen Speak Out
Over the years, we've interviewed Carper and McCaul on cybersecurity. Here are those interviews:
- FISMA Reforms Outlined: Sen. Tom Carper
- Carper Gives White House Incomplete on Cybersecurity Performance
- Reasoning Behind Enhancing DHS Infosec Prowess
- Sen. Carper: Federal Infosec Efficiencies Needed
- McCaul Sees Colleagues as Failing to Grasp Urgency of Cyber Threat
Other committees also provide oversight over aspects of cybersecurity, such as the Armed Services Committees in both houses, whose incumbent chairs Rep. Howard "Buck" McKeon, R-Calif., and Michigan's Levin will continue in their roles. Both of those panels have oversight over Defense Department IT security. Similarly, the chairs of the Senate and House Permanent Select Committees on Intelligence, Sen. Dianne Feinstein, D-Calif., and Rep. Mike Rogers, R-Mich., will remain in the same in the new Congress, as will Sen. Jay Rockefeller, D-W.Va., and Rep. Fred Upton, R-Mich., chairmen of the Senate Commerce, Science and Transportation Committee and House Energy and Commerce Committee, which deal with IT security in the private sector.
While the chair of the Senate Judiciary Committee, Patrick Leahy, D-Vt., stays the same, the head of its House counterpart will change. Rep. Bob Goodlatte, R-Va., takes over from Rep. Lamar Smith, R-Texas, as chairman of the committee that provides oversight and legislative resolutions on privacy and intellectual property matters.
Though some of the faces will be new, at least as committee chairs, these leaders will address in the new Congress that convenes in January many of the same cybersecurity issues that failed to gain a consensus in the 112th Congress, such as DHS's responsibilities in governing IT security among civilian agencies and the role of the federal government, if any, in regulating security among the privately owned critical national IT infrastructure. And, with rapidly evolving technology and a more dangerous threat landscape, getting that consensus will be more important than ever to the nation.
