9/11 overhaul likely to include cybersecurity provision

House Republican leaders have included provisions to bolster the Homeland Security Department's cybersecurity responsibilities in legislation addressing recommendations made by the 9/11 Commission, according to sources.

A congressional aide, who reviewed parts of the 9/11 proposal, said it now includes two smaller bills introduced last week by Reps. Mac Thornberry, R-Texas, and Zoe Lofgren, D-Calif., to elevate the department's cybersecurity director and create a technology transfer program.

House Majority Whip Roy Blunt, R-Mo., said last week GOP leaders could have their 9/11 package ready by Tuesday, and House committees could begin marking up the bill next week. The smaller bills were part of the House Homeland Security Committee's authorization measure, but negotiations stalled this summer and sources said it is unlikely the panel will take up an authorization measure this session.

"It did not appear that the authorization measure had legs," said an aide. Thornberry and Lofgren, the chairman and ranking member on the Homeland Security Cybersecurity, Science, and Research and Development Subcommittee, have fashioned bipartisan support for the bill. The provision would require the department to promote the department's cybersecurity director in the bureaucracy to increase the focus and resources on protection against a cyberattack.

Thornberry and Lofgren have said cybersecurity resources within the department are fragmented and a low priority. Lofgren said the cybersecurity bill has wide support in the technology, education, financial and business sectors.

But Larry Clinton, chief operating officer of the Internet Security Alliance, which represents Visa, Verizon and other corporations, said while the group appreciates the notion of promoting cybersecurity, it believes restructuring the department will disrupt ongoing security efforts.

"It's taken a long time to get the current momentum," Clinton said. The department also opposes the legislation, arguing that cybersecurity should be part of the efforts to protect physical infrastructure such as transportation systems, financial markets and electricity grids.

"We just firmly believe [cybersecurity] should remain integrated" within the infrastructure protection wing, said a Homeland Security Department spokeswoman.

On technology, the provision would require the science and technology division to establish a program to transfer and commercialize promising technologies to federal, state and local officials and the private sector. The Senate passed similar legislation late last year.