Chairwoman Comstock Opening Statement on Strengthening U.S. Cybersecurity Capabilities
WASHINGTON - U.S. Rep. Barbara Comstock (R-Va.), chairwoman of the U.S. House Science, Space, and Technology Committee’s Subcommittee on Research and Technology, delivered the following opening statement today at the hearing, Strengthening U.S. Cybersecurity Capabilities. Today’s witnesses are Dr. Charles H. Romine, director, Information Technology Lab, National Institute of Standards and Technology (NIST); Mr. Iain Mulholland, industry member, CSIS Cyber Policy Task Force; chief technology officer, Security, VMware, Inc.; Dr. Diana Burley, executive director and chair, Institute for Information Infrastructure Protection (I3P); professor, Human and Organizational Learning, The George Washington University; and Mr. Gregory Wilshusen, director, Information Security Issues, GAO.
As prepared for delivery:
I want to begin by thanking everyone for attending this first hearing of the Research and Technology Subcommittee in the 115th Congress.
I look forward to working with the Members of the Subcommittee, some of whom are new to the Committee, while others are new to Congress, on the many issues under our jurisdiction.
The topic of cybersecurity is a familiar one for this Committee, and this Subcommittee in particular. It is also a topic of continuously growing international attention and concern.
During the 114th Congress, the Science Committee held a dozen hearings related to cybersecurity. Some of these were triggered by notable events such as the Office of Personnel Management (OPM) and Internal Revenue Service (IRS) data breaches. I still remember receiving my OPM letter, which informed me that my personal information may have been compromised or stolen by the cyber criminals behind this attack.
I also chaired a hearing last year during which the IRS Commissioner testified about the breaches under his watch. It was frustrating to hear that criminals used information from other cyber-attacks to accurately answer questions on the IRS website to access what should have been secured information. Those criminals should not have been able to access such information, and may not have been able to access it, had the agency fully followed security guidelines provided by the National Institute of Standards and Technology (NIST).
I look forward to hearing from our witnesses today about cybersecurity recommendations to help protect U.S. information systems. These recommendations were highlighted in recent documents, which include the report published by the Commission on Enhancing National Cybersecurity and one published by the Center for Strategic and International Studies.
The Government Accountability Office (GAO), which has issued countless recommendations in the area of cybersecurity for decades, is also represented at today’s hearing. I am interested in hearing how the suggestions from the reports being profiled today align with GAO’s body of work.
I also look forward to hearing more about what can be done to proactively address cyber workforce gaps. When I travel around my district and visit with constituents who work in the technology sector, a repeated concern is the increasing need for individuals with appropriate education, training, and knowledge of cybersecurity matters.
Before I yield to the Ranking Member, let me just note that I appreciate everyone’s presence here today given that this is the week of the RSA Conference in San Francisco. Dr. Romine, I especially appreciate you flying back from California to participate in this hearing.