The House Homeland Security Committee on Wednesday advanced legislation that would write into law a Department of Homeland Security cybersecurity center as the lead agency for handling digital threats to industrial control systems (ICS), like those underpinning the energy sector.
The bill would make clear that DHS’s National Cybersecurity and Communications Integration Center (NCCIC) is the hub for mitigating ICS-specific vulnerabilities and provide the private sector with a “permanent place for assistance to address cybersecurity risk,” Rep. Don Bacon, R-Neb., who introduced the bill, said at a markup.
“We know we are vulnerable…to these cyberattacks on our energy grid, and the time is now to start building that resiliency in our energy grid,” Bacon stated.
With DHS and the Department of Energy both concerning themselves with ICS cybersecurity, “there’s some ambiguity [on] who does what” on the issue, Bacon told CyberScoop after the hearing.
“The NCCIC has been doing a lot of this,” he explained. “We want to codify it, so they have their responsibility, then they get the funding line for it. So this makes it black and white.”
Texas Republicans Michael McCaul and John Ratcliffe are also sponsors of the bill, which would mandate that NCCIC report to Congress every six months on its ICS cybersecurity capabilities.
Helping to protect ICS has become an important task for government because attacks on critical safety systems can cause physical harm.
The ICS Cyber Emergency Response Team, or ICS-CERT, within NCCIC already disseminates security alerts to industry and sends specialists to support companies that are attacked by advanced hacking groups.
Marty Edwards, the team’s former head, welcomed the legislation as an affirmation of the importance of the ICS-CERT mission. While ICS-CERT is already doing the things outlined in the bill, “this is pretty big from a legislative perspective as the control systems mission was never codified like this into law,” Edwards told CyberScoop.
ICS threats to U.S. companies have garnered regular attention from policymakers in recent months.
In March, DHS warned that Russian government hackers had targeted the energy sector in a two-year campaign that collected information on ICS. Meanwhile, the developers of the ICS-tailored malware known as Trisis have moved beyond the Middle East to attack multiple U.S. companies, CyberScoop reported last month.