What if a single Congressional committee in each chamber had oversight for cybersecurity issues?

That’s one of the organizational fixes the bipartisan U.S. Cyberspace Solarium Commission, a bipartisan organization created in 2019 to develop a multipronged U.S. cyber strategy, is considering recommending to lawmakers. Such an approach would consolidate the disparate committees with jurisdiction over cyber issues.

“We are going to try to talk about consolidating the authorities in the Congress,” Sen. Angus King, I-Maine, co-chair of the U.S. Cyberspace Solarium Commission, said at an event hosted by the Council on Foreign Relations Jan. 7.

A formal report is expected in the coming months.

King’s co-chair, Rep. Mike Gallagher, R-Wisc., also said at the event that there is near unanimity among the lawmakers to fix the problem of congressional oversight of cyber. Today, several committees provide a check and balance on cyber in issues related to the Department of Defense, Department of Homeland Security, Department of Justice, the intelligence community, trade and commerce.

King offered a real-life example of how widespread jurisdiction can have implications for achieving strong cyber policy. He explained it took at least three years to pass a non-controversial bill that sought to protect the electric grid from cyberattacks because the legislation went through multiple committees. Finally, the language passed in this year’s annual defense policy bill.

The senator called such a delay unacceptable.

“I’ve made speeches on the floor where I’ve said, look, I don’t want to go home and after a catastrophic cyberattack and say ‘Well, we knew it was coming and we might have been able to do something about it but, I’m sorry, we had four different committees that had jurisdiction and we just couldn’t do it,’” he said. “That’s not going to satisfy my constituents.”

However, King said consolidating cyber oversight will be tricky given that no committee wants to give up jurisdiction. He and Gallagher mentioned the select committees on intelligence in each house of Congress as inspiration given how they were formed. Those organizations were the result of the Church Committees, which were born out of rampant abuse by the intelligence community in the 1960s and 1970s.

“Hopefully we don’t need a Church Committee sort of an intelligence catastrophe as occurred in the 60s and 70s to justify it this time,” King said of a new oversight regime for cyber. “We think maybe the case is ready to be made and we’re certainly going to make it.”

Mark Pomerleau is a reporter for C4ISRNET, covering information warfare and cyberspace.

More In