April 18, 2018

Bipartisan Hack DHS Act Unanimously Passes Senate

WASHINGTON, D.C. – Yesterday, the Senate unanimously passed by voice vote the bipartisan Hack Department of Homeland Security (DHS) Act introduced by U.S. Senators Kamala D. Harris (D-CA), Maggie Hassan (D-NH), Rob Portman (R-OH), and Claire McCaskill (D-MO) to strengthen cyber defenses at DHS. The Hack DHS Act would establish a bug bounty pilot program – modeled off of similar programs at the Department of Defense and major tech companies – that uses vetted “white-hat” or ethical hackers to help identify unique and undiscovered vulnerabilities in the DHS networks and information technology.

 “Cyber threats at the Department of Homeland Security pose real and immediate risks to our national security, and we must use all tools at our disposal to identity and eliminate them,” said Harris. “This legislation will strengthen our government’s cybersecurity defenses and ensure DHS can both detect vulnerabilities in our networks and patch them.”

As the Department in charge of helping to secure all “.gov” domains, as well as critical infrastructure throughout the country, DHS must ensure that its own networks and information technology are free from unintended or unidentified vulnerabilities. The Hack DHS Act will establish a bug bounty program based on the Department of Defense’s pilot program. Under the bill, payments would be provided to white-hat hackers that identify unique and undiscovered vulnerabilities in DHS’s networks and data systems. These white-hat hackers must submit to a background check to help ensure that these individuals do not pose a threat. Additionally, the DHS Secretary must work with the Attorney General to ensure that participants in the bug bounty program do not face prosecutions for their specific work in the program.

For more information on the bill, click here.

Bipartisan companion legislation has also been introduced in the U.S. House by Congressmen Ted Lieu (D - Los Angeles County) and Scott Taylor (R - Virginia).