Sen. Rounds Should Be Effective Cybersecurity Panel Head

Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...

By Daniel R. Stoller

Cybersecurity expertise isn’t necessarily crucial to effectively lead the Senate’s new cybersecurity subcommittee, a technology policy analyst told Bloomberg BNA Jan. 19.

The new cybersecurity panel, housed in Chairman John McCain’s (R-Ariz.) Senate Armed Services Committee, will be spearheaded by Sen. Mike Rounds (R-S.D.), with Sen. Bill Nelson (D-Fla.) serving as ranking member. Sen. Lindsay Graham (R-S.C.) had previously been tasked with the job but backed out due to Senate committee rules. The rest of the subcommittee’s members have yet to be announced.

The cybersecurity subcommittee will be yet another important tool for the U.S. government to help combat a growing foreign cybersecurity threat. Another voice on cybersecurity may help companies seeking more policy proposals and guidance to help them conduct businesses domestically and abroad, especially in light of allegations that Russia carried out a hacking attack to try and influence the U.S. presidential election.

Although Rounds doesn’t have a cybersecurity background, he’s a good pick to head the subcommittee because he has “national security and defense” expertise, James Andrew Lewis, the Center for Strategic & International Studies’ senior vice president and director of the strategic technologies program, said. Cybersecurity policy needs someone who can handle “government problems” and knows the inner workings of Capitol Hill more than a technology leader, he said.

Rounds said in a Jan. 18 statement that the Defense Department’s role in U.S. cybersecurity “is of particular concern.” The Russian hacking scandal and other cyberthreats from foreign entities are “pressing national security matters in regards to cybersecurity,” he said. A Rounds’ spokesman declined to elaborate.

Nelson echoed similar concerns, saying the panel should ensure that a sound U.S. cybersecurity policy is in place. Nelson said he’ll use the panel to keep President-elect Donald Trump's administration “accountable if they fail to adequately respond to a future attack.”

The creation of the subcommittee also shows a growing cybersecurity oversight battle between congressional committees, subcommittees and even Trump’s Cabinet nominees.

Can Cybersecurity, Armed Services Gel?

McCain announced Jan. 4 that he would establish a cybersecurity subcommittee, saying the panel was needed because cybersecurity threats to the U.S. present “a long term challenge.”

McCain has previously tried to establish more Senate cybersecurity oversight, pushing in December for the creation of a Senate select committee to delve into the alleged Russian hacking scandal. But Senate Majority Leader Mitch McConnell (R-Ky.) rejected the idea.

Lewis said McCain has been wanting to create a cybersecurity subcommittee “for a couple of years,” and Armed Services is a logical place to house it given that U.S. government cybersecurity can fall under the larger categories of defense, foreign policy, homeland security or intelligence.

Jurisdiction Battle

However, the subcommittee’s creation could also highlight a growing jurisdictional battle over U.S. governmental cybersecurity oversight.

Senate Select Committee on Intelligence Chairman Richard Burr (R-N.C.) and McCain have sparred in the past over leadership of cybersecurity issues, a Senate staffer previously told Bloomberg BNA on background.

Rep. Michael McCaul (R-Texas), chairman of the House Committee on Homeland Security, has also delved into the fray. McCaul said in November 2016 that congressional committee jurisdiction issues were holding back legislation that would simplify and improve oversight of the Department of Homeland Security.

McCaul may have reached a deal on jurisdictional issues in the House, and some senators may be hoping to do likewise in the Senate, Lewis said.

Many of Trump’s Cabinet-level appointees have been tackling cybersecurity questions in their confirmation hearings. Rick Perry, the former Republican governor of Texas, said at his hearing for Energy secretary Jan. 19 that he will take responsibility for the Energy Department’s cybersecurity concerns.

Wilbur Ross, the Commerce secretary nominee, said at his Jan. 18 hearing that cybersecurity issues are “very complicated,” and said the U.S. needs to be “extremely vigilant in developing new and better systems” to protect against a “large and imminent” cyberattack risk.

Graham Not at Helm

The fact that Graham won’t be heading the subcommittee may come as a surprise to those who have followed the South Carolina Republican’s statements since the Jan. 4 subcommittee announcement. Graham, along with McCain, has strongly spoken out against foreign cybersecurity incidents, especially in wake of the Russian allegations.

The subcommittee’s goal, he told reporters, is “trying to come up with national policy on the military side, at least, with rules of engagement to better deal with what is a growing threat.”

Graham already chairs an Appropriations subcommittee on foreign operations and a Judiciary subcommittee on foreign operations and would have needed a waiver to head a third, which he didn’t seek, a Graham spokesman told Bloomberg News.

Representatives for Sens. McCain and Nelson didn’t immediately respond to Bloomberg BNA e-mail and phone call requests for comment.

To contact the reporter on this story: Daniel R. Stoller in Washington at dStoller@bna.com

To contact the editor responsible for this story: Donald Aplin at daplin@bna.com

Copyright © 2017 The Bureau of National Affairs, Inc. All Rights Reserved.

Request Bloomberg Law Privacy and Data Security