[Congressional Record Volume 161, Number 162 (Monday, November 2, 2015)]
[House]
[Pages H7351-H7353]
DEPARTMENT OF HOMELAND SECURITY INSIDER THREAT AND MITIGATION ACT OF
2015
Mr. KING of New York. Mr. Speaker, I move to suspend the rules and
pass the bill (H.R. 3361) to amend the Homeland Security Act of 2002 to
establish the Insider Threat Program, and for other purposes, as
amended.
The Clerk read the title of the bill.
The text of the bill is as follows:
H.R. 3361
Be it enacted by the Senate and House of Representatives of
the United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the ``Department of Homeland
Security Insider Threat and Mitigation Act of 2015''.
SEC. 2. ESTABLISHMENT OF INSIDER THREAT PROGRAM.
(a) In General.--Title I of the Homeland Security Act of
2002 (6 U.S.C. 111 et seq.) is amended by adding at the end
the following new section:
``SEC. 104. INSIDER THREAT PROGRAM.
``(a) Establishment.--The Secretary shall establish an
Insider Threat Program within the Department. Such Program
shall--
``(1) provide training and education for Department
personnel to identify, prevent, mitigate, and respond to
insider threat risks to the Department's critical assets;
``(2) provide investigative support regarding potential
insider threats that may pose a risk to the Department's
critical assets; and
``(3) conduct risk mitigation activities for insider
threats.
``(b) Steering Committee.--
``(1) In general.--The Secretary shall establish a Steering
Committee within the Department. The Under Secretary for
Intelligence and Analysis shall serve as the Chair of the
Steering Committee. The Chief Security Officer shall serve as
the Vice Chair. The Steering Committee shall be comprised of
representatives of the Office of Intelligence and Analysis,
the Office of the Chief Information Officer, the Office of
the General Counsel, the Office for Civil Rights and Civil
Liberties, the Privacy Office, the Office of the Chief Human
Capital Officer, the Office of the Chief Financial Officer,
the Federal Protective Service, the Office of the Chief
Procurement Officer, the Science and Technology Directorate,
and other components or offices of the Department as
appropriate. Such representatives shall meet on a regular
basis to discuss cases and issues related to insider threats
to the Department's critical assets, in accordance with
subsection (a).
``(2) Responsibilities.--Not later than one year after the
date of the enactment of this section, the Under Secretary
for Intelligence and Analysis and the Chief Security Officer,
in coordination with the Steering Committee established
pursuant to paragraph (1), shall--
``(A) develop a holistic strategy for Department-wide
efforts to identify, prevent, mitigate, and respond to
insider threats to the Department's critical assets;
``(B) develop a plan to implement the insider threat
measures identified in the strategy developed under
subparagraph (A) across the components and offices of the
Department;
``(C) document insider threat policies and controls;
``(D) conduct a baseline risk assessment of insider threats
posed to the Department's critical assets;
``(E) examine existing programmatic and technology best
practices adopted by the Federal Government, industry, and
research institutions to implement solutions that are
validated and cost-effective;
``(F) develop a timeline for deploying workplace monitoring
technologies, employee awareness campaigns, and education and
training programs related to identifying, preventing,
mitigating, and responding to potential insider threats to
the Department's critical assets;
``(G) require the Chair and Vice Chair of the Steering
Committee to consult with the Under Secretary for Science and
Technology and other appropriate stakeholders to ensure the
Insider Threat Program is informed, on an ongoing basis, by
current information regarding threats, beset practices, and
available technology; and
``(H) develop, collect, and report metrics on the
effectiveness of the Department's insider threat mitigation
efforts.
``(c) Report.--Not later than two years after the date of
the enactment of this section and the biennially thereafter
for the next four years, the Secretary shall submit to the
Committee on Homeland Security and the Permanent Select
Committee on Intelligence of the House of Representatives and
the Committee on Homeland Security and Governmental Affairs
and the Select Committee on Intelligence of the Senate a
report on how the Department and its components and offices
have implemented the strategy developed under subsection
(b)(2)(A), the status of the Department's risk assessment of
critical assets, the types of insider threat training
conducted, the number of Department employees who have
received such training, and information on the effectiveness
of the Insider Threat Program, based on metrics under
subsection (b)(2)(H).
``(d) Definitions.--In this section:
``(1) Critical assets.--The term `critical assets' means
the people, facilities, information, and technology required
for the Department to fulfill its mission.
``(2) Insider.--The term `insider' means--
``(A) any person who has access to classified national
security information and is employed by, detailed to, or
assigned to the Department, including members of the Armed
Forces, experts or consultants to the Department, industrial
or commercial contractors, licensees, certificate holders, or
grantees of
[[Page H7352]]
the Department, including all subcontractors, personal
services contractors, or any other category of person who
acts for or on behalf of the Department, as determined by the
Secretary; or
``(B) State, local, tribal, territorial, and private sector
personnel who possess security clearances granted by the
Department.
``(3) Insider threat.--The term `insider threat' means the
threat that an insider will use his or her authorized access,
wittingly or unwittingly, to do harm to the security of the
United States, including damage to the United States through
espionage, terrorism, the unauthorized disclosure of
classified national security information, or through the loss
or degradation of departmental resources or capabilities.''.
(b) Clerical Amendment.--The table of contents of the
Homeland Security Act of 2002 is amended by inserting after
the item relating to section 103 the following new item:
``Sec. 104. Insider Threat Program.''.
The SPEAKER pro tempore. Pursuant to the rule, the gentleman from New
York (Mr. King) and the gentleman from Mississippi (Mr. Thompson) each
will control 20 minutes.
The Chair recognizes the gentleman from New York.
General Leave
Mr. KING of New York. Mr. Speaker, I ask unanimous consent that all
Members have 5 legislative days within which to revise and extend their
remarks and include any extraneous material on the bill under
consideration.
The SPEAKER pro tempore. Is there objection to the request of the
gentleman from New York?
There was no objection.
Mr. KING of New York. Mr. Speaker, I yield myself such time as I may
consume.
Mr. Speaker, I rise in support of this legislation. The bill under
consideration ensures that the Department of Homeland Security has the
authority and congressional mandate to create a robust Insider Threat
Program.
In the Manning and Snowden espionage scandals, two trusted insiders
abused their access to classified information. When Aaron Alexis
attacked the Washington Navy Yard, 12 Americans lost their lives. In
the face of these insider threat scenarios, it is vital that government
agencies have the tools to detect and disrupt future insider threat
situations before damage is done. Unfortunately, all three were able to
conduct their traitorous work undetected because the government had at
one time vetted and granted them access to secure facilities and
information systems.
H.R. 3361 reinforces the message that a security clearance is a
privilege granted to individuals who have pledged to protect the
American people from threats domestically and abroad. Had investigators
more thoroughly scrutinized Edward Snowden's background, they might
have identified disturbing trends that made him unfit to hold a
clearance of any kind and a potential insider threat to U.S. national
security. Had Federal adjudicators had access to criminal history
records from the Seattle Police Department, they would have been aware
of Aaron Alexis' arrest in 2004 on firearms charges and potentially
conducted a more rigorous screening of his background prior to
authorizing him access to the Washington Navy Yard.
Trusted insiders, going back to Aldrich Ames and Robert Hanssen, not
only severely damaged national security, their traitorous actions led
to the loss of life. In each case, the post-breach review highlighted
that the previously trusted individual exhibited suspicious behavior,
but it was not reported due to a lack of understanding by colleagues or
failures in the reinvestigation process.
In describing the new type of insider threat represented by Snowden
and WikiLeaks, Michael Hayden correctly concluded that, ``in this new,
modern, connected era, the trusted insider who betrays us is far more
empowered to do damage far greater than these kinds of people were able
to do in the past. And therefore we have to be even more vigilant.''
The Department of Homeland Security has over 280,000 employees,
including tens of thousands with access to classified or sensitive
information. The Department has an existing Insider Threat Program and
is moving forward to increase security controls on internal systems,
but much more remains to be done.
The bill directs DHS to develop a strategy for the Department to
identify, prevent, mitigate, and respond to insider threats, and
requires DHS to ensure that personnel understand what workplace
behavior may be indicative of a potential insider threat and how their
activity on DHS networks will be monitored.
The bill codifies a comprehensive Insider Threat Program at DHS that
can be implemented throughout the Department and its component agencies
and, most importantly, reinforces the importance of preventing future
insider attacks.
I want to thank Homeland Security Chairman McCaul, Ranking Member
Thompson, Ranking Member Higgins, and Congressmen Katko, Donovan, and
Barletta for working with me to bring this bill to the floor. The bill
went through regular order and received bipartisan support during
subcommittee and full committee consideration.
I urge my colleagues to support this bill so we can establish a
comprehensive, transparent DHS-wide Insider Threat Program that is a
model for the public and private sectors.
I reserve the balance of my time.
Mr. THOMPSON of Mississippi. Mr. Speaker, I yield myself such time as
I may consume.
I rise in support of H.R. 3361, the Department of Homeland Security
Insider Threat and Mitigation Act of 2015.
Mr. Speaker, H.R. 3361, the Department of Homeland Security Insider
Threat and Mitigation Act of 2015, authorizes the Department of
Homeland Security to address the homeland and national security risk
posed by trusted insiders.
Typically, trusted insiders are given unrestricted access to mission-
critical assets such as personnel, facilities, and computer networks.
While DHS, like other Federal agencies, conducts extensive vetting of
prospective employees, there remains a risk that someone who gains
``insider status'' exploits their position to damage the United States
through espionage, terrorism, or even the unauthorized disclosure of
sensitive national security information.
As the ranking member of the Committee on Homeland Security, I am
supportive of the Department of Homeland Security's current Insider
Threat Program. It is targeted at preventing and detecting when a
vetted DHS employee or contractor with authorized access to U.S.
Government resources, including personnel, facilities, information,
equipment, networks, and systems, exploits such access for nefarious,
terroristic, or criminal purposes.
While I support the DHS program, I could not support this legislation
when it was considered by the full committee because it did not include
language to prevent the somewhat broad authority granted under this
bill for being used by DHS to deploy ``continuous evaluation.''
Continuous evaluation is an automated system that constantly monitors
public and private databases for information regarding the credit,
criminal, and social media activities of certain individuals. The
Defense Department has an extensive pilot underway, and I am concerned
that Federal agencies, with the understandable urge to protect their IT
systems and facilities, are racing to acquire this capability before
knowing whether such costly systems are even effective.
At this time, I would like to engage in a colloquy with the gentleman
from New York (Mr. King) about some concerns I have with the prospect
that the Department will use the authority under this act to establish
a continuous evaluation program.
{time} 1615
Would the gentleman agree that it is important that, prior to
establishing any such program under which certain DHS employees would
be subjected to ongoing automated credit, criminal, or social media
monitoring, the Department engages Congress about not only the
potential costs and benefits of such a program but what protections
would be in place for workers subject to such program?
I yield to the gentleman from New York (Mr. King).
Mr. KING of New York. I thank the gentleman for yielding.
Yes, I agree with the gentleman from Mississippi. The implementation
of the Insider Threat Program, including a possible continuous
evaluation component, needs congressional oversight and must be
transparent.
[[Page H7353]]
I look forward to working with the gentleman from Mississippi on this
issue as we go forward.
Mr. THOMPSON of Mississippi. I thank the gentleman.
Mr. Speaker, we live at a time when the threats to our Nation are
complex. None of us want to see someone exploit their access to DHS
networks to carry out cybercrimes or other criminal activity.
Even as DHS works to detect and prevent such threats, it is important
that such activities be carried out in a transparent way so as not to
compound the chronic morale challenges that exist within the workforce.
Each time DHS considers making an adjustment to its Insider Threat
Program, thoughtful consideration must be paid to whether the
operational drawbacks and costs of such an adjustment outweigh the
benefit of such change.
That said, I commend General Taylor, the Under Secretary for
Intelligence and Analysis at DHS, for the attention he has given to the
insider threat challenge and look forward to continuing to work with
him to bolster security within the Department.
I appreciate the gentleman from New York's cooperation and colloquy.
I look forward to the successful passage and approval of this bill.
Mr. Speaker, I yield back the balance of my time.
Mr. KING of New York. Mr. Speaker, I yield myself such time as I may
consume.
Mr. Speaker, let me also at the outset thank the distinguished
ranking member for his support and his cooperation as this bill has
gone forward. I am sure the two of us will be able to continue to work
and cooperate as, again, this will be monitored in the future.
The Department of Homeland Security and all Federal agencies are
targeted by adversaries on a daily basis. Some of the most damaging
attacks to the U.S. Government have been committed by U.S. citizens who
have been granted access to government facilities and electronic
networks.
This bill provides the framework for DHS to implement an Insider
Threat Program that identifies and disrupts malicious insiders who seek
to do the Department and its employees harm. It also seeks to protect
the Department's workforce by conducting a transparent process to
reinforce cyber hygiene, data security, and awareness of malicious
activity through a robust training program.
I want to thank the committee staff, especially John Neal and Tyler
Lowe.
I urge my colleagues to vote for H.R. 3361.
Mr. Speaker, I yield back the balance of my time.
Ms. JACKSON LEE. Mr. Speaker, as a senior member of the Homeland
Security Committee, I rise in support of H.R. 3361, the ``Department of
Homeland Security Insider Threat and Mitigation Act.''
I am in support of this bill because it amends the Homeland Security
Act of 2002 to direct the Department of Homeland Security (DHS) to
establish an Insider Threat Program, which shall: provide training and
education for DHS personnel to identify, prevent, mitigate, and respond
to insider threat risks to DHS's critical assets; provide investigative
support regarding such threats; and conduct risk mitigation activities
for such threats.
The Department of Homeland Security will establish a Steering
Committee headed by the Under Secretary for Intelligence and Analysis
who will serve as the Chair; and the Chief Security Officer of the
office as the Vice Chair of the Committee.
The Under Secretary and the Chief Security Officer, in coordination
with the Steering Committee, shall: develop a holistic strategy for
DHS-wide efforts to identify, prevent, mitigate, and respond to insider
threats to DHS's critical assets; develop a plan to implement the
strategy across DHS components and offices; document insider threat
policies and controls; conduct a baseline risk assessment of such
threats; examine existing programmatic and technology best practices
adopted by the federal government, industry, and research institutions;
develop a timeline for deploying workplace monitoring technologies,
employee awareness campaigns, and education and training programs
related to potential insider threats; consult with the Under Secretary
for Science and Technology and other stakeholders to ensure that the
Insider Threat Program is informed by current information regarding
threats, best practices, and available technology; and develop,
collect, and report metrics on the effectiveness of DHS's insider
threat mitigation efforts.
Threat mitigation is focused on blunting the effectiveness of threats
posed by terrorists seeking to carry out attacks in the United States.
This is a core mission of the Department of Homeland Security and
this bill will support that mission.
I ask my colleagues to join me in support of this bill.
The SPEAKER pro tempore. The question is on the motion offered by the
gentleman from New York (Mr. King) that the House suspend the rules and
pass the bill, H.R. 3361, as amended.
The question was taken; and (two-thirds being in the affirmative) the
rules were suspended and the bill, as amended, was passed.
A motion to reconsider was laid on the table.
____________________
