September 13, 2018

Bipartisan Hassan-Portman Hack DHS Act Clears Key House Committee Hurdle

WASHINGTON – Today, the bipartisan Hack Department of Homeland Security (DHS) Act that was introduced by Senators Maggie Hassan (D-NH) and Rob Portman (R-OH) passed out of the House Committee on Homeland Security, getting one step closer to passing the House of Representatives and being sent to the President’s desk for signature.

The bipartisan bill would establish a bug bounty pilot program – modeled off of similar programs at the Department of Defense and major tech companies –to strengthen cyber defenses at DHS by using “white-hat” or ethical hackers to help identify unique and undiscovered vulnerabilities in the DHS networks and data systems. A companion bill was introduced in the House by Representatives Ted Lieu (D-CA) and Scott Taylor (R-VA). The Senate version of the bill passed the Senate unanimously earlier this year.

“I am pleased that the House Committee on Homeland Security voted to approve this commonsense bill that will help strengthen our country’s cyber defenses at the Department of Homeland Security,” Senator Hassan said. “The bipartisan Hack DHS Act is critical to enhancing the safety and security of millions of Granite Staters and Americans by harnessing the skills of ethical hackers across our country as a force multiplier against the cyber threats that the Department of Homeland Security faces every single day. I look forward to seeing this bill become law as soon as possible so that we can better strengthen the safety and security of all hard-working Granite Staters and Americans.”

“The networks and systems at DHS are vital to the security of Ohioans and all Americans,” said Senator Portman.  “I am pleased that our bipartisan Hack DHS bill has moved out of the House Homeland Security Committee and is one step closer to being signed into law. This legislation ensures DHS will execute a bug-bounty program and reap the cost-effective benefits to the security of their networks and systems.” 

“Our country leads the way in so many fields, so why not cybersecurity? As one of only four Computer Science majors in Congress, I recognize we have a lot of work to do to ensure the U.S. Government is on the cutting edge of combating cyber threats,” said Congressman Ted Lieu. “I led the House’s effort with Rep. Taylor to create a bug bounty program at DHS because government data vulnerability is one of our most pressing national security threats. I’m excited at the prospect of having another tool to keep Americans safe. Thank you to Senators Hassan and Portman for leading the efforts on this issue in the Senate.”

“This legislation is an absolute necessity in today's world. I am grateful for the bipartisan leadership of Congressman Lieu, and Senators Hassan and Portman, on this critical legislation,” said Congressman Scott Taylor.

As the Department in charge of helping to secure all “.gov” domains, as well as critical infrastructure throughout the country, DHS must ensure that its own networks and information technology are free from unintended or unidentified vulnerabilities. The Hack DHS Act will establish a bug bounty program based on the Department of Defense’s pilot program. Under the bill, payments would be provided to white-hat hackers that identify unique and undiscovered vulnerabilities in DHS’s networks and data systems. These white-hat hackers must submit to a background check to help ensure that these individuals do not pose a threat. Additionally, the DHS Secretary must work with the Attorney General to ensure that participants in the bug bounty program do not face prosecutions for their specific work in the program.


For more information on the bill, click here.