115th Congress Senate Committee Rosters

Senate Democrats announced their 115th committee rosters this week. The number of Democrats on several Senate committees increased in the new Congress to reflect the lower Republican majority in the entire Senate. Republicans are expected to announce their committee rosters in January. The updated Senate Democratic committee rosters can be found at: http://www.vantagepointstrat.com/wp-content/uploads/2016/12/115th-Congress-Senate-Committees-12-23-16.pdf.

FY17 Appropriations Update

The Senate is currently debating whether to pass the FY17 continuing resolution (CR) or force a temporary government shutdown. The current CR expires at midnight tonight. Sen. Joe Manchin (D-WV) is leading the effort to block the CR in the Senate over funding for health insurance for retired coal miners. Manchin is pushing for more than the four-month extension of benefits that was included in the CR. The House passed the CR by a vote of 326 to 96 on Thursday.

The CR extends current funding levels for most federal agencies through April 28, 2017 and maintains the current budget cap level of $1.07T put into place under the Budget Control Act of 2011.

The bill includes $170M to help repair the contaminated water system of Flint, MI, but most of that funding hinges on passage of a separate water projects bill (S 612) that would authorize the work. That bill passed the House earlier this week, but Sen. Barbara Boxer (D-CA) has raised concerns in the Senate over an unrelated provision concerning drought relief for California. Democrats are also objecting to what they consider is a weak “Buy America” provision in the bill.

The CR includes a requirement for the Office of Management and Budget (OMB) to calculate whether the CR violates the spending caps that would result in an across-the-board sequester. The Congressional Budget Office (CBO) has estimated that the current CR that expires tonight would exceed the $518.5B limit on FY17 non-defense discretionary spending by $1.6B. Under current law, if the CR exceeds the spending caps the President is required to order across-the-board cuts to most programs. The White House had sought a provision to delay those potential cuts until a final appropriations package is completed next year.

It also contained language designed to speed the confirmation of retired Gen. James Mattis to be President-Elect Trump’s Secretary of Defense. The language would require Mattis to receive 60 votes for a waiver needed to join the cabinet because of his recent military service, but it would expedite the process in the Senate in advance of Trump’s swearing in. Senate Majority Leader Mitch McConnell (R-KY) or Senate Armed Services Committee (SASC) Chairman John McCain (R-AZ) could introduce the waiver legislation within the first 30 days of the new Congress. The bill would be referred to the SASC and if it is not acted on within five days it would go directly to the Senate floor where the process would limit debate to 10 hours.

FY17 CR:

http://docs.house.gov/billsthisweek/20161205/CPRT-114-HPRT-RU00-SAHR2028.pdf

House Appropriations Committee Summary:

http://appropriations.house.gov/news/documentsingle.aspx?DocumentID=394665

Senate Appropriations Committee Summaries:

Security Assistance Appropriations Act Summary

http://www.appropriations.senate.gov/imo/media/doc/120616-FY17-CR-DIVISION%20B%20OCO-DOD-SFOPS-final.pdf

Disaster Relief Summary

http://www.appropriations.senate.gov/imo/media/doc/1206016-FY17-CR-DISASTER-SUPP-Final.pdf

Section-by-Section Summary

http://www.appropriations.senate.gov/imo/media/doc/120616-FY17-Second-CR%20Section-By-Section-Final-Revised.pdf

Commission on Enhancing National Cybersecurity Report to President with Recommendations

In February, President Obama signed an Executive Order establishing within the Department of Commerce the Commission on Enhancing National Cybersecurity. The Commission’s goals are to: enhance cybersecurity awareness and protections at all levels of government, business, and society; protect privacy; ensure public safety and economic and national security; and empower Americans to take better control of their digital security. The Commission is composed of 12 members from industry, academia, and government chaired by former Obama National Security Advisor Tom Donilon who were tasked with providing detailed short- and long-term recommendations to the President by December 1, 2016. To develop their recommendations, the commissioners consulted technical and policy experts, solicited input from the public through open hearings and a request for information, and reviewed existing literature. Those recommendations were released publicly today.

The recommendations cover six major imperatives of cybersecurity:
1. Protect, defend and secure today’s information infrastructure and digital networks
2. Innovate and accelerate investment for the security and growth of digital networks and the digital economy
3. Prepare consumers to thrive in a digital age
4. Build cybersecurity workforce capabilities
5. Better equip government to function effectively and securely in the digital age
6. Ensure and open, fair, competitive, and secure global digital economy
The six imperatives contain a total of 16 recommendations and 53 associated action items that the next administration can pursue.
Link to the report:

Below is the President’s statement on the Commission’s report:

The White House
Office of the Press Secretary
For Immediate Release

Statement by the President on the Report of the Commission on Enhancing National Cybersecurity

In February of this year, I directed the creation of a nonpartisan Commission on Enhancing National Cybersecurity, charging it with assessing the current state of cybersecurity in our country and recommending bold, actionable steps that the government, private sector, and the nation as a whole can take to bolster cybersecurity in today’s digital world.  Yesterday, the members of the Commission – leaders from industry and academia, many with experience in government – provided their findings and recommendations to me.  And earlier today I met with the Commission’s Chair, Tom Donilon, to discuss how we as a country can build on the Commission’s work and enhance our cybersecurity over the coming years.  I want to thank the Commission members for their hard work and for their thoughtful and detailed recommendations.  I am confident that if we implement the Commission’s recommendations, our economy, critical infrastructure, and national security will be better equipped to thrive in the coming years.

The Commission’s report makes clear that cybersecurity is one of the greatest challenges we face as a nation.  That is why I have consistently made cybersecurity a top national security and economic security priority, reflected most recently by the Cybersecurity National Action Plan I announced in February and my 2017 Budget, which called for a more than 35 percent  increase in Federal cybersecurity resources.

During my Administration, we have executed a consistent strategy focused on three priorities:

  1. Raising the level of cybersecurity defenses in the public and private sectors;
  2. Deterring and disrupting malicious cyber activity aimed at the United States or its allies; and
  3. Effectively responding to and recovering from cybersecurity incidents when they occur.

To strengthen our cybersecurity defenses across the country, in 2013 we convened experts from industry, academia and civil society to create the National Institute of Standards and Technology (NIST) Cybersecurity Framework.  As the Commission notes, the Framework has become the gold standard for cybersecurity risk management, and I wholeheartedly support the Commission’s recommendations to expand its usage in the Federal government, the private sector, and abroad.  We encouraged the formation of information sharing and analysis organizations, worked with Congress to enact tailored liability protections for private sector entities that share threat information with the government, and took steps to automate information sharing.  As the Commission calls for, we launched public campaigns to promote cybersecurity awareness among consumers, including the “Lock Down Your Login” campaign encouraging consumers to better secure their identities online.  We have given consumers more tools to secure their financial future by assisting victims of identity theft, improved the government’s payment security, and accelerated the transition to next-generation payment security.  We have invested in cybersecurity research and development to lay the groundwork for stronger cyber defenses in the future.  And I have clarified the roles and responsibilities of Federal agencies in responding to significant cyber incidents by issuing a new directive codifying eight years of lessons learned from incident response.

To strengthen government cybersecurity, we created the first-ever federal Chief Information Security Officer and drove dramatic improvements in Federal agencies’ use of strong authentication and in critical vulnerability patching.  We have pushed to reduce the Federal government’s reliance on legacy technologies, proposing an innovative $3.1 billion fund to modernize costly and vulnerable information technology (IT) systems – a fund that the Commission proposes to expand.  We updated the guidance for Federal agency IT management, cybersecurity, and privacy, introducing the kind of coordination that the Commission calls for.  Agencies are increasingly centralizing their cybersecurity efforts and relying on the Department of Homeland Security (DHS) for shared services like vulnerability detection, network discovery and monitoring, intrusion detection and prevention, and cybersecurity assessments of high priority IT systems.  Consolidating DHS’ cybersecurity and infrastructure protection missions within a single DHS line agency – as my Administration has proposed, and as the Commission recommends – would further strengthen DHS’ ability to support Federal and critical infrastructure cybersecurity.  Finally, consistent with the Commission’s emphasis on improving the Nation’s cybersecurity workforce, my Administration has issued a comprehensive workforce strategy and has hired more than 6,000 new cybersecurity professionals in the Federal government in 2016 alone.

As the Commission recognizes, we have championed the application of international law to cyberspace; promoted voluntary international norms of state behavior during peacetime, securing over 30 countries’ commitment to these norms in the G20 and other international fora; and committed to confidence building measures to reduce escalation risk.  We have secured commitments from China and other nations to oppose cyber-enabled theft of intellectual property and business secrets for commercial gain, sought to modernize the Mutual Legal Assistance process, and submitted legislation to enable greater cross-border data sharing between law enforcement agencies – another effort the Commission strongly supports.  We have developed additional tools and cyber capabilities to deter and disrupt malicious cyber activity aimed at the United States.  Finally, we created the Cyber Threat Intelligence Integration Center to ensure that there is a single government-wide source for integrated intelligence assessments on cyber threats

In total, the Commission’s recommendations affirm the course that this Administration has laid out, but make clear that there is much more to do and the next Administration, Congress, the private sector, and the general public need to build on this progress.  Deepening public-private cooperation will help us better protect critical infrastructure and respond to cyber incidents when they occur.  Expanding the use of strong authentication to improve identity management will make all of us more secure online.  Increasing investments in research and development will improve the security of products and technologies.  Investing in human capital, education, and the productivity of the cybersecurity workforce will ensure that this country’s best and brightest are helping us stay ahead of the cybersecurity curve.  Continuing to prioritize and coordinate cybersecurity efforts across the Federal government will ensure that this critical challenge remains a top national security priority.  And furthering the promotion of international norms of responsible state behavior will ensure that the global community is able to confront the ever-evolving threats we face.

The Commission’s recommendations are thoughtful and pragmatic. Accordingly, my Administration strongly supports the Commission’s work, and we will take additional action wherever possible to build on the work my Administration has already undertaken and to make progress on its new recommendations before the end of my term.  Importantly though, I believe that the next Administration and the next Congress can benefit from the Commission’s insights and should use the Commission’s recommendations as a guide.  I have asked the Commission to brief the President-Elect’s Transition Team at their earliest opportunity.  Further, we must provide sufficient resources to meet the critical cybersecurity challenges called out in the Commission’s report.  Before Congress adjourns for the year, it must act to fully fund the urgent cybersecurity needs that my Administration has identified in my 2017 Budget and elsewhere, investing in areas such as securing Federal information technology systems, protecting critical infrastructure, and investing in our cybersecurity workforce.

As the Commission’s report counsels, we have the opportunity to change the balance further in our favor in cyberspace – but only if we take additional bold action to do so.  My Administration has made considerable progress in this regard over the last eight years.  Now it is time for the next Administration to take up this charge and ensure that cyberspace can continue to be the driver for prosperity, innovation, and change – both in the United States and around the world.

FY17 Appropriations Update

House and Senate Republican leaders continue to negotiate the duration of an FY17 continuing resolution (CR). The current CR expires next Friday, December 9. House Republicans had initially planned to fund the government through March 31, 2017, but Republicans in the Senate argued for a later date in order to accommodate their busier schedule, which will include new administration confirmations and a Supreme Court confirmation. Latest indications point to an April 28, 2017 end date for the CR. Rep. Charlie Dent (R-PA), a member of the House Appropriations Committee, said that a CR until next spring effectively guarantees another CR in March/April/May that extends appropriations through the remainder of FY17 (September 30, 2017).

In addition to how long the CR will last, negotiators are discussing whether the CR will have a topline of $1.07T (agreed to in the budget deal) or $1.067T (the FY16 limit) and what “anomalies” will be included in the final package. Under a CR, no new programs may be started, nor can programs increase or decrease their spending. Anomalies are exceptions to this rule.

Earlier this week the Comptroller at the Department of Defense sent a list of the agency’s highest priorities for the CR and FY17 National Defense Authorization Act to House and Senate appropriators and authorizers. The priorities include, in order of importance, programs to: counter the Islamic State in Iraq and Syria, start procuring new Ohio Class ballistic missile subs, build more KC-46 tanker planes and critical munitions (Hellfire, JDAMs, and Small Diameter Bombs), fund Afghan security forces, increase funding for Army O&M to be used both overseas and stateside, provide multiyear procurement authority for the Apache helicopter, reauthorize certain military bonuses and benefits that expire on January 1, 2017, and increase spending for the European Reassurance Initiative.

House Minority Leader Nancy Pelosi (D-CA) said during her weekly news conference today that she understands the text of the CR will be ready on Monday. House Majority Leader Kevin McCarthy (R-CA) said on the floor today that he hopes to finish the CR and all other matters before the House by Thursday, December 8.