A bill silently passed through Congress and to U.S. President Donald Trump’s desk that was signed right before Thanksgiving last week, which would re-designate the U.S. Department of Homeland Security’s National Protection and Programs Directorate (NPPD) into a new agency called the Cybersecurity and Infrastructure Security Agency (CISA.)
A statement from President Trump was issued on the White House website:
Every day, America’s adversaries are testing our cyber defenses. They attempt to gain access to our critical infrastructure, exploit our great companies, and undermine our entire way of life. And we can’t let that happen.
This vital legislation will establish a new agency within the Department of Homeland Security to lead the federal government’s civilian response to these cyber threats against our nation. We’ve had many, many threats against our nation. Cyber is going to be the newest form. And the threats have taken place, and we’ve been doing pretty good in knocking them out, but now we’ll be — this will make us, I think, much more effective. We’re putting people that are the best in the world, in charge. And I think we’re going to have a whole different ballgame. Cyber is, to a large extent, where it’s at nowadays.
The men and women of the new Cybersecurity and Infrastructure Security Agency will be on the front lines of our cyber defense. They will partner with the private sector, and all levels of government, to defend America’s power grids, banks, telecommunications, and other critical parts of our economy.
The bill known as the Cybersecurity and Infrastructure Security Agency Act swiftly passed in Congress in October; and last week, H.R. 335 advanced through the House Of Representatives without any resistance and barely any media attention. Trump signed the bill into law almost immediately after the legislation passed the House.
The NPPD was first established in 2007 and has been responsible over the past few years for handling almost all of the DHS’ cybersecurity issues and other projects.
As part of the DHS, the NPPD was the government entity in charge of physical and cybersecurity of federal networks and critical infrastructure. The previous agency also oversaw the Federal Protective Service (FPS), the Office of Biometric Identity Management (OBIM), the Office of Cyber and Infrastructure Analysis (OCIA), the Office of Cybersecurity & Communications (OC&C), and the Office of Infrastructure Protection (OIP).
Nothing is expected to change in day-to-day operations for the agency, but being reorganized as a federal agency, CISA will now benefit from an increased budget and more authority in imposing its directives. Although, CISA will still face oversight by the DHS at the end of the day.
To put that into perspective for you, CISA now has the same power as the U.S. Secret Service or FEMA.
CISA will be responsible for leading cybersecurity, critical infrastructure protection programs, developing associated policy, and coordinating with federal and private sector entities on security matters. CSA will also be responsible for performing DHS’ responsibilities in regards to anti-terrorism measures for chemical plants. In short, CISA will be held accountable for protecting the nation’s critical infrastructure from physical and cyber threats.
According to US-CERT:
(CISA) elevates the mission of the former Department of Homeland Security (DHS) National Protection and Programs Directorate (NPPD) and establishes the Cybersecurity and Infrastructure Security Agency (CISA). CISA is responsible for protecting the Nation’s critical infrastructure from physical and cyber threats, a mission that requires effective coordination and collaboration among a broad spectrum of government and private sector organizations.
The DHS’s statement on the matter shows that the new agency will be “working with partners across all levels of government and in the private sector to secure against the evolving risks of tomorrow.”
The new agency will have several divisions including a Cybersecurity Division, an Infrastructure Security Division, and an Emergency Communications Division. Christopher Krebs, the current NPPD Undersecretary, will be the first new director of the CISA agency.
The reorganization seeks to elevate cybersecurity within the DHS while improving the department’s ability to engage with government and industry stakeholders, Krebs said in a statement this week. “Giving NPPD a name that reflects what it actually does will help better secure the nation’s critical infrastructure and cyber platforms,” Krebs added.
CISA will be a federal agency in charge of overseeing both civilian and federal cybersecurity programs, (not to be confused with the 2015 surveillance bill of the same acronym.)
“Today’s vote is a significant step to stand up a federal government cybersecurity agency,” DHS Secretary Kirstjen Nielsen said. “The cyber threat landscape is constantly evolving, and we need to ensure we’re properly positioned to defend America’s infrastructure from threats digital and physical. It was time to reorganize and operationalize NPPD into the Cybersecurity and Infrastructure Security Agency.”
Rep. Michael McCaul (R-TX), chairman of the House Committee on Homeland Security, sponsored the bill.
As a fun fact, in April this year the DHS announced it would monitor hundreds of thousands of news sources around the globe and compile an extensive database on journalists, editors, foreign correspondents, and bloggers to identify top “media influencers” who mention its name. So with that said, this reporter who is a “tin foil hat wearing, black helicopter conspiracy theorist” and probably a terrorist for worrying about increased government surveillance according to DHS press secretary Tyler Q. Houlton, is ready for his close-up.
Now we can add CISA to a long list of agencies that are authorized to spy under the guise of protection. Although, many may find themselves asking what purpose does the NSA and CIA now serve?
Written by Aaron Kesel