[Congressional Record Volume 163, Number 6 (Tuesday, January 10, 2017)]
[House]
[Pages H275-H277]
From the Congressional Record Online through the Government Publishing Office [www.gpo.gov]
SUPPORT FOR RAPID INNOVATION ACT OF 2017
Mr. RATCLIFFE. Mr. Speaker, I move to suspend the rules and pass the
bill (H.R. 239) to amend the Homeland Security Act of 2002 to provide
for innovative research and development, and for other purposes, as
amended.
The Clerk read the title of the bill.
The text of the bill is as follows:
H.R. 239
Be it enacted by the Senate and House of Representatives of
the United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the ``Support for Rapid Innovation
Act of 2017''.
SEC. 2. CYBERSECURITY RESEARCH AND DEVELOPMENT PROJECTS.
(a) Cybersecurity Research and Development.--
(1) In general.--Title III of the Homeland Security Act of
2002 (6 U.S.C. 181 et seq.) is amended by adding at the end
the following new section:
``SEC. 321. CYBERSECURITY RESEARCH AND DEVELOPMENT.
``(a) In General.--The Under Secretary for Science and
Technology shall support the research, development, testing,
evaluation, and transition of cybersecurity technologies,
including fundamental research to improve the sharing of
information, analytics, and methodologies related to
cybersecurity risks and incidents, consistent with current
law.
``(b) Activities.--The research and development supported
under subsection (a) shall serve the components of the
Department and shall--
``(1) advance the development and accelerate the deployment
of more secure information systems;
``(2) improve and create technologies for detecting attacks
or intrusions, including real-time continuous diagnostics and
real-time analytic technologies;
``(3) improve and create mitigation and recovery
methodologies, including techniques and policies for real-
time containment of attacks, and development of resilient
networks and information systems;
``(4) support, in coordination with non-Federal entities,
the review of source code that underpins critical
infrastructure information systems;
``(5) develop and support infrastructure and tools to
support cybersecurity research and development efforts,
including modeling, testbeds, and data sets for assessment of
new cybersecurity technologies;
``(6) assist the development and support of technologies to
reduce vulnerabilities in industrial control systems; and
``(7) develop and support cyber forensics and attack
attribution capabilities.
``(c) Coordination.--In carrying out this section, the
Under Secretary for Science and Technology shall coordinate
activities with--
``(1) the Under Secretary appointed pursuant to section
103(a)(1)(H);
``(2) the heads of other relevant Federal departments and
agencies, as appropriate; and
``(3) industry and academia.
``(d) Transition to Practice.--The Under Secretary for
Science and Technology shall support projects carried out
under this title through the full life cycle of such
projects, including research, development, testing,
evaluation, pilots, and transitions. The Under Secretary
shall identify mature technologies that address existing or
imminent cybersecurity gaps in public or private information
systems and networks of information systems, identify and
support necessary improvements identified during pilot
programs and testing and evaluation activities, and introduce
new cybersecurity technologies throughout the homeland
security enterprise through partnerships and
commercialization. The Under Secretary shall target federally
funded cybersecurity research that demonstrates a high
probability of successful transition to the commercial market
within two years and that is expected to have a notable
impact on the public or private information systems and
networks of information systems.
``(e) Definitions.--In this section:
``(1) Cybersecurity risk.--The term `cybersecurity risk'
has the meaning given such term in section 227.
``(2) Homeland security enterprise.--The term `homeland
security enterprise' means relevant governmental and
nongovernmental entities involved in homeland security,
including Federal, State, local, and tribal government
officials, private sector representatives, academics, and
other policy experts.
``(3) Incident.--The term `incident' has the meaning given
such term in section 227.
``(4) Information system.--The term `information system'
has the meaning given such term in section 3502(8) of title
44, United States Code.''.
(2) Clerical amendment.--The table of contents in section
1(b) of the Homeland Security Act of 2002 is amended by
inserting after the item relating to the second section 319
the following new item:
``Sec. 321. Cybersecurity research and development.''.
(b) Research and Development Projects.--Section 831 of the
Homeland Security Act of 2002 (6 U.S.C. 391) is amended--
(1) in subsection (a)--
(A) in the matter preceding paragraph (1), by striking
``2016'' and inserting ``2021'';
(B) in paragraph (1), by striking the last sentence; and
(C) by adding at the end the following new paragraph:
``(3) Prior approval.--In any case in which the head of a
component or office of the Department seeks to utilize the
authority under this section, such head shall first receive
prior approval from the Secretary by providing to the
Secretary a proposal that includes the rationale for the
utilization of such authority, the funds to be spent on the
use of such authority, and the expected outcome for each
project that is the subject of the use of such authority. In
such a case, the authority for evaluating the proposal may
not be delegated by the Secretary to anyone other than the
Under Secretary for Management.'';
(2) in subsection (c)--
(A) in paragraph (1), in the matter preceding subparagraph
(A), by striking ``2016'' and inserting ``2021''; and
(B) by amending paragraph (2) to read as follows:
``(2) Report.--The Secretary shall annually submit to the
Committee on Homeland Security and the Committee on Science,
Space, and Technology of the House of Representatives and the
Committee on Homeland Security and Governmental Affairs of
the Senate a report detailing the projects for which the
authority granted by subsection (a) was utilized, the
rationale for such utilizations, the funds spent utilizing
such authority, the extent of cost-sharing for such projects
among Federal and non-Federal sources, the extent to which
utilization of such authority has addressed a homeland
security capability gap or threat to the homeland identified
by the Department, the total
[[Page H276]]
amount of payments, if any, that were received by the Federal
Government as a result of the utilization of such authority
during the period covered by each such report, the outcome of
each project for which such authority was utilized, and the
results of any audits of such projects.''; and
(3) by adding at the end the following new subsection:
``(e) Training.--The Secretary shall develop a training
program for acquisitions staff on the utilization of the
authority provided under subsection (a).''.
(c) No Additional Funds Authorized.--No additional funds
are authorized to carry out the requirements of this Act and
the amendments made by this Act. Such requirements shall be
carried out using amounts otherwise authorized.
The SPEAKER pro tempore. Pursuant to the rule, the gentleman from
Texas (Mr. Ratcliffe) and the gentleman from Mississippi (Mr. Thompson)
each will control 20 minutes.
The Chair recognizes the gentleman from Texas.
General Leave
Mr. RATCLIFFE. Mr. Speaker, I ask unanimous consent that all Members
have 5 legislative days to revise and extend their remarks and to
include any extraneous material on the bill under consideration.
The SPEAKER pro tempore. Is there objection to the request of the
gentleman from Texas?
There was no objection.
Mr. RATCLIFFE. Mr. Speaker, I yield myself such time as I may
consume.
Mr. Speaker, I am very pleased to bring two important bills to the
floor today that strengthen the government's ability to effectively
leverage cutting-edge cyber technologies. Last year, the House passed
both of these provisions as part of Majority Leader McCarthy's
Innovation Initiative, and I am excited that we are able to bring them
to the floor here so early in the 115th Congress.
Mr. Speaker, over the past 2 years, my colleagues and I have been
working diligently with technology innovators and tech startups to find
solutions that will spur innovation and break down the bureaucratic
barriers that prevent the government from effectively leveraging the
private sector's emerging technologies.
H.R. 239, the Support for Rapid Innovation Act of 2017, addresses
this problem by requiring the science and technology directorate, or
S&T, to more effectively coordinate with industry and academia to
support the research and development of cybersecurity technologies.
H.R. 239 does so because it requires S&T to support the full life
cycle of cyber research and development projects and identify mature
technologies to address cybersecurity gaps. In doing so, S&T will be
required to target federally funded cybersecurity research that
demonstrates a high probability of successful transition to the
commercial market within 2 years.
This bill will also extend the use of other transactional authority,
or OTA, until the year 2021, a move that will improve DHS's ability to
engage with tech startups that are developing these cutting-edge
technologies. H.R. 239 also includes additional accountability
requirements to ensure that there is proper oversight of the authority.
Mr. Speaker, our digital borders are constantly being barraged by
cybercriminals, by nation-states, and by terrorists seeking to exploit
and harm innocent Americans. Almost daily, we read news stories on how
these hackers are intruding into our networks and doing so with
increased sophistication. One thing is for certain, we have seen that
cyber intrusions and their impact on victims quickly morph and increase
both in frequency and in their severity.
In 2017, these hackers will unfortunately continue to pose a great
threat to the U.S. homeland and to our critical infrastructure. The
Federal Government, therefore, needs to keep pace with these evolving
threats by more actively working with the private sector to find
effective solutions.
DHS's Directorate of Science and Technology is the primary research
and development arm of the Department. The directorate manages basic
and applied research and development, including cybersecurity R&D, for
the Department's operational components and for our first responders.
Ensuring there are mechanisms in place, like S&T's cybersecurity R&D
programs and the OTA, to support the dynamic nature of cybersecurity
research and development is essential for addressing homeland security
capability gaps.
Thank you again, Mr. Speaker, for calling up this important bill
today. I believe it will have an incredibly positive impact on
encouraging technology innovation across the Nation to address our
vital homeland security needs.
Mr. Speaker, I urge all Members to join me in supporting this very
important bill.
I reserve the balance of my time.
House of Representatives, Committee on Science, Space,
and Technology,
Washington, DC, January 9, 2017.
Hon. Michael McCaul,
Chairman, Committee on Homeland Security, House of
Representatives, Washington, DC.
Dear Mr. Chairman: I am writing concerning H.R. 239, the
``Support for Rapid Innovation Act of 2017,'' which was
introduced on January 4, 2017.
H.R. 239 contains provisions within the Committee on
Science, Space, and Technology's Rule X jurisdiction. In
order to expedite this bill for floor consideration, the
Committee on Science, Space, and Technology will forego
action on the bill. This is being done on the basis of our
mutual understanding that doing so will in no way diminish or
alter the jurisdiction of the Committee on Science, Space,
and Technology with respect to the appointment of conferees,
or to any future jurisdictional claim over the subject
matters contained in the bill or similar legislation.
I would appreciate your response to this letter confirming
this understanding, and would request that you include a copy
of this letter and your response in the Congressional Record
during the floor consideration of this bill. Thank you in
advance for your cooperation.
Sincerely,
Lamar Smith,
Chairman.
____
House of Representatives,
Committee on Homeland Security,
Washington, DC, January 10, 2017.
Hon. Lamar Smith,
Chairman, Committee on Science, Space, and Technology,
Washington, DC.
Dear Chairman Smith: Thank you for your letter regarding
H.R. 239, the ``Support for Rapid Innovation Act of 2017.'' I
appreciate your support in bringing this legislation before
the House of Representatives, and accordingly, understand
that the Committee on Science, Space, and Technology will not
seek a sequential referral on the bill.
The Committee on Homeland Security concurs with the mutual
understanding that by foregoing a sequential referral of this
bill at this time, the Committee on Science, Space, and
Technology does not waive any jurisdiction over the subject
matter contained in this bill or similar legislation in the
future. In addition, should a conference on this bill be
necessary, I would support a request by the Committee on
Science, Space, and Technology for conferees on those
provisions within your jurisdiction.
I will insert copies of this exchange in the Congressional
Record during consideration of this bill on the House floor.
I thank you for your cooperation in this matter.
Sincerely,
Michael T. McCaul,
Chairman.
Mr. THOMPSON of Mississippi. Mr. Speaker, I yield myself such time as
I may consume. I rise in support of H.R. 239, the Support for Rapid
Innovation Act.
Mr. Speaker, this timely legislation authorizes the Department of
Homeland Security to support cybersecurity research and development and
to help innovators with promising cybersecurity technologies to help
commercialize their products.
Government and private sector networks are under constant attack by
increasingly sophisticated cyber hackers. The cyber hacking campaign
carried out by the Russian Government against U.S. political and
business institutions, during the 2016 election, is a recent, high-
profile example.
Concern has also been growing about the threat of cybercriminals
carrying out attacks by exploiting unprotected Internet-enabled
consumer products. This threat was brought into sharp focus last
October with the denial of service attack against Dyn. During that
attack, malware was used to direct tens of thousands of Internet-
connected cameras, DVRs, and other consumer products to carry out
successive, highly sophisticated attacks.
Our adversaries are constantly innovating. It is imperative that the
Federal Government--and specifically DHS--innovate, too. To that end,
H.R. 239 directs DHS to invest in innovative cybersecurity technologies
and provide DHS with flexibility to overcome bureaucratic obstacles
that sometimes
[[Page H277]]
discourage smaller companies, like tech startups, from working with the
Federal Government.
H.R. 239 directs DHS to pursue cybersecurity projects that will
improve detection, mitigation, and recovery from attacks and bolster
the security and resilience of our networks, particularly for critical
infrastructure.
Mr. Speaker, I urge my colleagues to support this bipartisan
legislation to ensure that DHS does its part to advance cybersecurity
research and development.
Cybersecurity threats to our Nation are growing in diversity and
sophistication. We cannot afford to let promising technologies
languish.
The Department of Homeland Security should work with the private
sector in support of innovative cybersecurity research, development,
testing, and evaluation. We have seen that public-private collaboration
can give these technologies the boost they need to enter the market.
Just last month, DHS announced the commercialization of an eight
cybersecurity product launched with the help of the Department's
Transition to Practice program.
I urge my colleagues to support H.R. 239.
I yield back the balance of my time.
Mr. RATCLIFFE. Mr. Speaker, I thank Ranking Member Thompson for his
leadership on the committee, and I want to thank the Cybersecurity,
Infrastructure Protection, and Security Technologies Subcommittee staff
for their hard work.
Once again, I urge my colleagues to support H.R. 239.
I yield back the balance of my time.
Ms. JACKSON LEE. Mr. Speaker, I rise in support of H.R. 239, the
``Support for Rapid Innovation Act of 2017,'' which amends the Homeland
Security Act of 2002 to provide for improved innovative research and
development.
I support this bill because it would extend the Department of
Homeland Security secretary's pilot program for research and
development projects and prototype projects through 2020.
This bill would require the secretary to report annually to the House
Homeland Security and Science committees and the Senate Homeland
Security Committee on the dynamics of the projects undertaken.
Specifically, H.R. 239 would amend the Homeland Security Act of 2002
to include fundamental improvements to facilitate information,
analytics, and methodologies related to cybersecurity risks and
incidents, consistent with the current law.
In particular, it adds a new section to the Homeland Security Act,
directing the Department of Homeland Security to support--whether
within itself, other agencies, or in academia and private industry--the
research and development of cybersecurity-related technologies.
As a senior member of the Homeland Security Committee and Ranking
Member of the Judiciary Committee and Subcommittee on Crime, Terrorism,
Homeland Security, and Investigations, I support this bill as it
directs the Under Secretary for Science and Technology to bolster
research and development, along with the testing and evaluation of
cybersecurity technology to improve the sharing of information,
analysis, and methodologies related to cybersecurity risks and
incidents.
The Rapid Innovation Act is a smart bill that will enable the
Department of Homeland Security to establish and improve technologies
for detecting attacks or intrusions.
The ``Support for Rapid Innovation Act of 2017'' will equip the
Department of Homeland Security with vital tools and resources to
prevent and remove attacks and threats implemented by those who target
our nation.
Mr. Speaker, we face growing cybersecurity threats, which demands
that we increase research and development, along with the testing and
evaluation of cybersecurity technology to expand the sharing of
information, analysis, and methodologies related to cybersecurity risks
and incidents.
This is a comprehensive bill that will help protect all Americans in
every corner of this nation.
I urge all Members to join me in voting to pass H.R. 239.
The SPEAKER pro tempore. The question is on the motion offered by the
gentleman from Texas (Mr. Ratcliffe) that the House suspend the rules
and pass the bill, H.R. 239, as amended.
The question was taken; and (two-thirds being in the affirmative) the
rules were suspended and the bill, as amended, was passed.
A motion to reconsider was laid on the table.
____________________