October 05, 2017

ICYMI: Bipartisan Hassan-Portman Hack DHS Act Passes Homeland Security Committee

WASHINGTON – The bipartisan Hack Department of Homeland Security (DHS) Actwhich was introduced by Senators Maggie Hassan (D-NH) and Rob Portman (R-OH), passed out of the U.S. Senate Homeland Security and Governmental Affairs Committee yesterday. The bill, which is also cosponsored by Senators Claire McCaskill (D-MO) and Kamala Harris (D-CA), would establish a bug bounty pilot program – modeled off of similar programs at the Department of Defense and major tech companies – in order to strengthen cyber defenses at DHS by utilizing “white-hat” or ethical hackers to help identify unique and undiscovered vulnerabilities in the DHS networks and information technology.

See below for highlights of the coverage:

WMUR: NH Primary Source: Hassan-sponsored 'Hack DHS Act' approved by US Senate committee

By John DiStaso

A bill introduced by Democratic Sen. Maggie Hassan of New Hampshire and Republican Sen. Rob Portman of Ohio, aimed at strengthening cybersecurity in the Department of Homeland Security, was approved by a Senate committee Wednesday.

The Hack Department of Homeland Security Act calls for the use of so-called “white-hat” – that is, ethical – hackers “to help identify unique and undiscovered vulnerabilities in the DHS networks and information technology,” according to Hassan’s office.

Hassan is a member of the Senate Homeland Security and Governmental Affairs Committee, which recommended passage of the bill by the full Senate.

“The Department of Homeland Security is a prime target for cyberattacks that can threaten the safety, security and privacy of millions of Americans," Hassan said. “Employing patriotic, ethical hackers who can help identify weaknesses in the department’s cyber systems is a common-sense step that has been successfully utilized in the private sector."

 

[…]

Union Leader: Kevin Landrigan's Granite Status

By Kevin Landrigan

… The Senate Homeland Security Committee on Wednesday approved bipartisan legislation from Sen. Maggie Hassan, D-N.H., and Rob Portman, R-Ohio to employ “white hat” or ethical hackers to identify vulnerabilities in the Department of Homeland Security’s commputer networks.

The Hack DHS Act creates a bug bounty pilot program modeled after similar programs in the Pentagon and with major tech companies.

The panel endorsed three other bills with Hassan’s name on them dealing with border security, children and mobile access.

[…]

 

The Hill: Senate panel approves bill compelling researchers to ‘hack’ DHS

 

By Morgan Chalfant

A Senate panel with oversight of the Department of Homeland Security (DHS) has approved legislation that would set up a “bug bounty” program to pay researchers for catching vulnerabilities in the department’s information systems.

The bipartisan bill, introduced by Sens. Maggie Hassan (D-N.H.) and Rob Portman (R-Ohio) in May, advanced the Senate Homeland Security and Governmental Affairs Committee during a meeting Wednesday. Sen. Claire McCaskill (D-Mo.), the committee’s ranking member, is cosponsoring the legislation, along with Sen. Kamala Harris (D-Calif.).

The “Hack DHS Act” would direct the Department of Homeland Security to set up a pilot “bug bounty” program that would offer cash to security researchers who identify and report vulnerabilities in DHS’s information systems. The idea was modeled after a similar program established at the Pentagon to catch undiscovered vulnerabilities in the Defense Department’s systems.

 

[…]

 

CQ: Panel Moves Bill on DHS Security Gaps, Federal Employment

By Michael Teitelbaum

The Senate Homeland Security and Governmental Affairs Committee approved more than a dozen bills on Wednesday, including one that would create a program to find security gaps at the Department of Homeland Security.

The bill (S 1281) as amended would allow the DHS secretary to create a bug bounty pilot program to limit the security vulnerabilities in the department's information technology systems accessible to the public. It would define a bug bounty program as one in which an approved individual, organization or company is temporarily authorized to find and specify risks within the department's Internet-facing information technology system in exchange for compensation.

… Bill sponsor New Hampshire Democrat Sen. Maggie Hassan issued a press release after the bill moved through committee describing the Homeland Security Department as a "prime target" for cyberattacks and that the department "must do everything in its power to protect the American people from these threats."

 

[…]

Defense Daily Network: House, Senate Committees Approve Border And Cyber Security Bills

By Calvin Biesecker

… Separately, a Senate committee on Wednesday approved a spate of bills, including several aimed at strengthening border and cyber security in the U.S.

One of the bills would create a bug bounty pilot program at the Department of Homeland Security (DHS) to employ ethical hackers to try and find vulnerabilities and gaps in the departments computer networks. The Hack DHS Act (S. 1281), introduced by Sens. Maggie Hassan (D-N.H.) and Rob Portman (R-Ohio), is modeled after a similar program at the Defense Department that pays white-hat hackers to exploit cyber security weaknesses in the DoD’s networks.

A bipartisan companion bill to the Hassan and Portman legislation has been introduced in the House by Reps. Ted Lieu (D-Calif.) and Scotty Taylor (R-Va.).

[…]

###