The Senate Armed Services Committee has a new subcommittee focused on cybersecurity, with Mike Rounds, R-S.D., serving as chairman and Bill Nelson, D-Fla., as ranking member.
The Cybersecurity Subcommittee’s founding follows the historic publication of evidence by the U.S. intelligence community linking Russian government officials to an extensive hacking campaign aimed at U.S. politicians, political organizations, think tanks and lobbying firms.
While Nelson has cosponsored a handful of bills loosely related to cybersecurity policy since taking office in 2001, Rounds, who is two years into his first term, will take the chairmanship with limited relevant experience.
In early January, prior to the appointment, Rounds wrote an op-ed that appeared in Fox News’ opinion page about federal cybersecurity strategy. In that article, he wrote:
It should be apparent to all Americans that the United States is not immune to damaging cyber-attacks from hostile foreign nations and other bad actors. We must update our national security policies to deter such attacks before a future debilitating attack occurs, possibly on civilian critical infrastructure … Defining when a cyber-attack requires a military response is but one in a series of steps we must take to deter our enemies.
Rounds sponsored the Iran Cyber Sanctions Act of 2016, which sought to punish Iranian hackers and other government officials involved in a series of data breaches aimed at U.S. financial institutions. And one year prior, he cosponsored similar legislation intended to discipline North Korean forces responsible for breaching Sony. But neither bill saw the president’s signature.
“Our adversaries have determined that the reward outweighs the risk of launching a cyber-attack against our nation. It is the newest, most sophisticated form of attack threatening our national security today,” Rounds said in a statement, referring to the new subcommittee’s role. “I look forward to working closely with SASC Chairman John McCain (R-Ariz.) in the coming weeks to outline an agenda … that will tackle the most pressing national security matters with regard to cybersecurity.”
Nelson’s office told the Orlando Sentinel that the cybersecurity panel will be focused on ensuring that “the proper policies, strategies and resources are in place to defend the U.S. in cyberspace.”
The Armed Services Committee has broad jurisdiction over national security and military policy issues, as well as the Pentagon’s budget.
Relevant to the subcommittee, Chairman McCain recently discussed his desire to create a standard, consistent, policy framework that would guide the U.S. response following a cyberattack. McCain has disparaged the Obama administration’s approach, which weighs each incident on a case-by-case basis.
In 2005, Nelson cosponsored an identify-theft prevention bill that would have amended the Homeland Security Department’s Cybersecurity Enhancement Act of 2005 — thereby creating a supposed “National Cybersecurity Office.”
Later in 2010, Nelson cosponsored the Cybersecurity Act of 2010, which would have expanded cybersecurity protections typically only afforded to systems designated as critical infrastructure to other federal assets. Additionally, the bill would have set in motion several educational initiatives to help with cybersecurity workforce training. The full Senate never voted on the legislation.
“You can’t just sit on your hands and do nothing,” Nelson said in a statement about the subcommittee’s founding. “If we’re going to deter our enemies from attacking us, we have to make it painfully obvious that the consequences are going to be so severe that they won’t want to do it in the first place.”