[Congressional Bills 116th Congress]
[From the U.S. Government Publishing Office]
[H.R. 7588 Introduced in House (IH)]

<DOC>






116th CONGRESS
  2d Session
                                H. R. 7588

 To require the Secretary of Homeland Security to conduct a review of 
the ability of the Cybersecurity and Infrastructure Security Agency of 
  the Department of Homeland Security to fulfill its current mission 
                 requirements, and for other purposes.


_______________________________________________________________________


                    IN THE HOUSE OF REPRESENTATIVES

                             July 13, 2020

     Mr. Katko (for himself, Mr. Ruppersberger, and Mr. Gallagher) 
 introduced the following bill; which was referred to the Committee on 
 Homeland Security, and in addition to the Committees on Oversight and 
Reform, Energy and Commerce, and Transportation and Infrastructure, for 
a period to be subsequently determined by the Speaker, in each case for 
consideration of such provisions as fall within the jurisdiction of the 
                          committee concerned

_______________________________________________________________________

                                 A BILL


 
 To require the Secretary of Homeland Security to conduct a review of 
the ability of the Cybersecurity and Infrastructure Security Agency of 
  the Department of Homeland Security to fulfill its current mission 
                 requirements, and for other purposes.

    Be it enacted by the Senate and House of Representatives of the 
United States of America in Congress assembled,

SECTION 1. SHORT TITLE.

    This Act may be cited as the ``Strengthening the Cybersecurity and 
Infrastructure Security Agency Act of 2020''.

SEC. 2. CYBERSECURITY AND INFRASTRUCTURE SECURITY AGENCY REVIEW.

    (a) In General.--The Director of the Cybersecurity and 
Infrastructure Security Agency of the Department of Homeland Security 
shall conduct a review of the ability of the Cybersecurity and 
Infrastructure Security Agency to carry out its mission requirements, 
as well as the recommendations detailed in the U.S. Cyberspace Solarium 
Commission's Report regarding the Agency.
    (b) Elements of Review.--The review conducted in accordance with 
subsection (a) shall include the following elements:
            (1) An assessment of how additional budget resources could 
        be used by the Cybersecurity and Infrastructure Security Agency 
        for projects and programs that--
                    (A) support the national risk management mission;
                    (B) support public and private-sector 
                cybersecurity;
                    (C) promote public-private integration; and
                    (D) provide situational awareness of cybersecurity 
                threats.
            (2) A force structure assessment of the Cybersecurity and 
        Infrastructure Security Agency, including--
                    (A) a determination of the appropriate size and 
                composition of personnel to carry out the mission 
                requirements of the Agency, as well as the 
                recommendations detailed in the U.S. Cyberspace 
                Solarium Commission's Report regarding the Agency;
                    (B) as assessment of whether existing personnel are 
                appropriately matched to the prioritization of threats 
                in the cyber domain and risks to critical 
                infrastructure;
                    (C) an assessment of whether the Agency has the 
                appropriate personnel and resources to--
                            (i) perform risk assessments, threat 
                        hunting, and incident response to support both 
                        private and public cybersecurity;
                            (ii) carry out its responsibilities related 
                        to the security of Federal information and 
                        Federal information systems (as such term is 
                        defined in section 3502 of title 44, United 
                        States Code); and
                            (iii) carry out its critical infrastructure 
                        responsibilities, including national risk 
                        management;
                    (D) an assessment of whether current structure, 
                personnel, and resources of regional field offices are 
                sufficient to carry out Agency responsibilities and 
                mission requirements; and
                    (E) an assessment of current Cybersecurity and 
                Infrastructure Security Agency facilities, including a 
                review of the suitability of such facilities to fully 
                support current and projected mission requirements 
                nationally and regionally, and recommendations 
                regarding future facility requirements.
    (c) Submission of Review.--Not later than one year after the date 
of the enactment of this Act, the Secretary of Homeland Security shall 
submit to the Committee on Homeland Security of the House of 
Representatives and the Committee on Homeland Security and Governmental 
Affairs of the Senate a report detailing the result of the review 
conducted in accordance with subsection (a), including recommendations 
to address any identified gaps.

SEC. 3. GENERAL SERVICES ADMINISTRATION REVIEW.

    (a) Submission of Assessment.--Upon submission to the Committee on 
Homeland Security of the House of Representatives and the Committee on 
Homeland Security and Governmental Affairs of the Senate of the report 
required under section 2(c), the Director of the Cybersecurity and 
Infrastructure Security Agency of the Department of Homeland Security 
shall submit to the Administrator of the General Services 
Administration the results of the assessment required under section 
(b)(2)(E).
    (b) Review.--The Administrator of the General Services 
Administration shall--
            (1) conduct a review of Cybersecurity and Infrastructure 
        Security Agency assessment required under section 2(b)(2)(E); 
        and
            (2) make recommendations regarding resources needed to 
        procure or build a new facility or augment existing facilities 
        to ensure sufficient size and accommodations to fully support 
        current and projected mission requirements, including the 
        integration of personnel from the private sector and other 
        Federal departments and agencies.
    (c) Submission of Review.--Not later than 30 days after receipt of 
the assessment under subsection (a), the Administrator of the General 
Services Administration shall submit to the President, the Secretary of 
Homeland Security, the Committee on Homeland Security and Governmental 
Affairs of the Senate, and the Committee on Homeland Security of the 
House of Representatives the review required under subsection (b).
                                 <all>