Gimenez & Garbarino Opening Statements in Pipeline Security Hearing
Ranking Member Gimenez’s Opening Statement (as prepared for delivery)
Thank you, Chairwoman Watson Coleman, Chairwoman Clarke, and Ranking Member Garbarino. I am pleased that the CIPI and TMS Subcommittees are holding this joint hearing today on cyber threats to pipelines. As we saw with the recent ransomware attack on Colonial Pipeline, securing our nation’s 2.7 million miles of pipeline is of utmost importance.
I look forward to hearing today from Mr. Eric Goldstein of CISA and Ms. Sonya Proctor of TSA on how CISA and TSA work together to ensure pipelines are secure from cyber threats. I thank the witnesses for their time today.
I am interested to hear from TSA on the pipeline industry’s compliance with the Security Directive that TSA issued last month. I look forward to Ms. Proctor detailing what plans TSA has for additional directives in the near future.
I am concerned with the push to move pipeline security oversight from the Department of Homeland Security and into the Department of Energy. I wholeheartedly agree that there is more that TSA can do in terms of increasing its resources and expertise, but I believe TSA or the Department of Homeland Security are the appropriate agency to oversee pipeline security.
TSA’s close collaboration with CISA serves to ensure that there is a strong DHS effort in securing all transportation modes against cyber threats. As a committee we need to continue to strengthen our nation’s cybersecurity by strengthening CISA and giving them all the tools and responsibilities needed to keep all of our cyber infrastructure safe and secure.
I look forward to the discussion today and finding ways to improve the security of our nation’s pipeline against the continued threat of cyber attacks and frankly, all of our nation’s security threats and how we can protect the United States from cyber attacks in the future. Madam Chairwoman, I also share your displeasure that the FBI did not participate today. Thank you, Madam Chairwoman, and I yield back the balance of my time.
Ranking Member Garbarino’s Opening Statement (as prepared for delivery)
I thank our Chairs for calling this important hearing, and I thank our witnesses for being here today.
Last week’s full committee hearing on this topic was an important opportunity to peer into the decision-making process at Colonial and to better understand the business or victim-facing side of an attack.
This week’s hearing affords us a unique opportunity to closer examine the federal government’s coordination and response efforts following an attack.
While Ranking Member Katko, myself, and our partners on the other side of the aisle have all expressed concern with the White House’s decision to have the Department of Energy leading the federal response to this attack, instead of CISA and TSA as the lead agencies for the pipeline sector, we should all recognize that the decision was not any of yours’ to make. We are very appreciative of your efforts in response to this hack, and many others.
But there are clearly still many questions regarding this attack that need answers, and I hope we’re able to get clarity on the outstanding issues here today.
I’m also interested in learning more about the value CISA is providing to industry leadership, such as organization CEOs and CIOs. CISA provides a treasure trove of helpful guidance and resources for organizations to bolster their cyber posture, but it’s increasingly clear that it should be hitting the desk of or nation’s CEOs and CIOs, who are making the tough investment decisions.
While many of the members of our subcommittees understand the inherent value that CISA provides to agencies and industry alike, the truth is that CISA still has a lot to prove to the Hill, and it’s important that you all are able to demonstrate that value.
As the newest agency within the newest department, you are going to have to be forceful in staking your claim to ensure you all are leading the charge on major cyber incidents. The White House also shoulders some responsibility. It must empower CISA with the stature to be successful and appropriately delineate responsibilities between CISA, the Sector Risk Management Agencies, and the incoming National Cyber Director. Cyber threats are rarely isolated to one sector, thus CISA’s role as the central agency that can connect the dots and share threat information across multiple sectors will help secure all critical infrastructure across our nation.
It is also important that you all are not bashful when it comes to highlighting areas that need strengthening, and areas that require additional resources, personnel, or authorities.
Thank you all for being here today.