WASHINGTON, D.C. — Today, House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection Chairman Andrew Garbarino (R-NY) delivered the following opening statement in a hearing to evaluate federal cybersecurity governance and efforts, specifically by the Cybersecurity and Infrastructure Security Agency (CISA) and the Office of the National Cyber Director (ONCD).

Watch Chairman Garbarino’s opening statement in a hearing entitled, “Evaluating Federal Cybersecurity Governance.”

As prepared for delivery:

Thank you to our witnesses for being here to continue our subcommittee’s discussion on a very important topic: Federal cybersecurity. 

Last month, we hosted industry leaders to give their perspectives on the Cybersecurity and Infrastructure Security Agency, or CISA’s, Federal cybersecurity programs, specifically the Continuous Diagnostics and Mitigation (CDM) program and National Cybersecurity Protection System (NCPS). I am eager to hear directly from CISA and the Office of the National Cyber Director, or ONCD, today on their views on those programs and the state of Federal cybersecurity efforts and governance more broadly.

As the operational lead for and administrator of Federal cybersecurity requirements, CISA has a broad and important role in ensuring the security of federal networks. As I said in the previous hearing, whether CISA acts as a service provider or an advisor toward other agencies is a fundamental question, and Congress and CISA must both be consistent in how they approach it.

As one of the Executive Branch’s newest cyber roles, ONCD is tasked with leading national cybersecurity policy and strategy. ONCD’s implementation of the National Cybersecurity Strategy will be a key test of its role in Federal cybersecurity governance.In our last hearing, there were several common themes I hope to further explore with Mr. Goldstein and Mr. DeRusha this afternoon.

We learned that CISA must modernize by considering new technologies so programs like CDM evolve with the changing threat landscape. The Federal government as a whole must adapt to defend against elusive threat actor tactics, like new living off the land techniques seen in the recent Volt Typhoon activity.We also briefly dove into the breakdown of CISA’s budget. With almost 1/3 of its FY 2024 budget request allocated to strengthening Federal networks, it’s important to further discuss how CISA measures the success of programs like CDM, and reforms its legacy programs like EINSTEIN.

Finally, I hope to discuss the Administration’s plans to raise the level of Federal cybersecurity resilience across the board with both our witnesses. Each relevant Committee of jurisdiction in Congress must understand ONCD and the Office of Management and Budget’s, or OMB’s, plan to ensure Federal agency funding proposals are aligned with activities in the National Cybersecurity Strategy. Again, thank you to our witnesses for being here. I look forward to your testimony and to discussing these questions in greater depth.

###