Cybersecurity: Legislation, Hearings, and
Executive Branch Documents

Rita Tehan
Information Research Specialist
July 15, 2015
Congressional Research Service
7-5700
www.crs.gov
R43317


Cybersecurity: Legislation, Hearings, and Executive Branch Documents

Summary
Cybersecurity vulnerabilities challenge governments, businesses, and individuals worldwide.
Attacks have been initiated against individuals, corporations, and countries. Targets have included
government networks, companies, and political organizations, depending upon whether the
attacker was seeking military intelligence, conducting diplomatic or industrial espionage,
engaging in cybercrime, or intimidating political activists. In addition, national borders mean
little or nothing to cyberattackers, and attributing an attack to a specific location can be difficult,
which may make responding problematic.
Despite many recommendations made over the past decade, no major legislative provisions
relating to cybersecurity had been enacted since 2002. However, on December 18, 2014, in the
last days of the 113th Congress, five cybersecurity bills were signed by the President. These bills
change federal cybersecurity programs in a number of ways:
• codifying the role of the National Institute of Standards and Technology (NIST)
in developing a “voluntary, industry-led set of standards” to reduce cyber risk;
• codifying the Department of Homeland Security’s (DHS’s) National
Cybersecurity and Communications Integration Center as a hub for interactions
with the private sector;
• updating the Federal Information Security Management Act (FISMA) by
requiring the Office of Management and Budget (OMB) to “eliminate ...
inefficient and wasteful reports”; and
• requiring DHS to develop a “comprehensive workforce strategy” within a year
and giving DHS new authorities for cybersecurity hiring.
In April 2011, the Obama Administration sent Congress legislative proposals that would have
given the federal government new authority to ensure that corporations owning assets most
critical to the nation’s security and economic prosperity adequately addressed risks posed by
cybersecurity threats. This report provides links to cybersecurity legislation in the 112th and 113th
Congresses.
• 114th Congress Legislation, House, Table 1
• 114th Congress Legislation, Senate, Table 2
• 113th Congress, Major Legislation, Table 3 and Table 4
• 112th Congress, Major Legislation, Table 5 and Table 7
• 112th Congress, Senate Floor Debate: S. 3414, Table 6
• 112th Congress, House Floor Debate: H.R. 3523, Table 8
Congress has held cybersecurity hearings every year since 2001. This report also provides links to
cybersecurity-related committee hearings in the 112th and 113th Congresses.
• 114th Congress, Senate Hearings, Table 9 and Table 10
• 114th Congress, House Hearings, Table 11 and Table 12
• 113th Congress, House Hearings, Table 14 and Table 15
• 113th Congress, House Committee Markups, Table 16
• 113th Congress, Senate Hearings, Table 17 and Table 19
• 113th Congress, Other Hearings, Table 18 and Table 20
Congressional Research Service

Cybersecurity: Legislation, Hearings, and Executive Branch Documents

• 112th Congress, House Hearings, Table 21 and Table 22
• 112th Congress, House Markups, Table 23
• 112th Congress, Senate Hearings, Table 24 and Table 25
• 112th Congress, Congressional Committee Investigative Reports, Table 26
For a discussion of selected legislative proposals in the 112th and 113th Congresses, see CRS
Report R42114, Federal Laws Relating to Cybersecurity: Overview of Major Issues, Current
Laws, and Proposed Legislation
, by Eric A. Fischer.
Executive orders authorize the President to manage federal government operations. Presidential
directives pertain to all aspects of U.S. national security policy as authorized by the President.
This report provides a list of executive orders and presidential directives pertaining to information
and computer security.
• Executive Orders and Presidential Directives, Table 27
For a selected list of authoritative reports and resources on cybersecurity, see CRS Report
R42507, Cybersecurity: Authoritative Reports and Resources, by Topic, by Rita Tehan. For
selected cybersecurity data, statistics, and glossaries, see CRS Report R43310, Cybersecurity:
Data, Statistics, and Glossaries
, by Rita Tehan.

Congressional Research Service

Cybersecurity: Legislation, Hearings, and Executive Branch Documents

Contents
Legislation ....................................................................................................................................... 1
CRS Reports and Other CRS Products: Legislation .................................................................. 2
Hearings in the 114th Congress ........................................................................................................ 9
Hearings in the 113th Congress ...................................................................................................... 19
Hearings in the 112th Congress ...................................................................................................... 29
Executive Orders and Presidential Directives ................................................................................ 39
CRS Reports on Executive Orders and Presidential Directives .............................................. 39

Tables
Table 1. 114th Congress Legislation: House ..................................................................................... 3
Table 2. 114th Congress Legislation: Senate .................................................................................... 5
Table 3. 113th Congress, Major Legislation: Senate ........................................................................ 6
Table 4. 113th Congress, Major Legislation: House ......................................................................... 7
Table 5. 112th Congress, Major Legislation: Senate ........................................................................ 8
Table 6. 112th Congress, Senate Floor Debate: S. 3414 ................................................................... 8
Table 7. 112th Congress, Major Legislation: House ......................................................................... 9
Table 8. 112th Congress, House Floor Debate: H.R. 3523 ............................................................... 9
Table 9. 114th Congress, Senate Hearings, by Date ....................................................................... 10
Table 10. 114th Congress, Senate Hearings, by Committee ........................................................... 11
Table 11. 114th Congress, House Hearings, by Date ...................................................................... 13
Table 12. 114th Congress, House Hearings, by Committee ............................................................ 16
Table 13. 114th Congress, Other Hearings ..................................................................................... 18
Table 14. 113th Congress, House Hearings, by Date ...................................................................... 20
Table 15. 113th Congress, House Hearings, by Committee ............................................................ 22
Table 16. 113th Congress, House Committee Markups, by Date ................................................... 25
Table 17. 113th Congress, Senate Hearings, by Date ..................................................................... 25
Table 18. 113th Congress, Other Hearings, by Date ....................................................................... 27
Table 19. 113th Congress, Senate Hearings, by Committee ........................................................... 27
Table 20. 113th Congress, Other Hearings, by Committee ............................................................. 28
Table 21. 112th Congress, House Hearings, by Date ...................................................................... 30
Table 22. 112th Congress, House Hearings, by Committee ............................................................ 32
Table 23. 112th Congress, House Markups, by Date ...................................................................... 35
Table 24. 112th Congress, Senate Hearings, by Date ..................................................................... 35
Table 25. 112th Congress, Senate Hearings, by Committee ........................................................... 36
Table 26. 112th Congress, Congressional Committee Investigative Reports ................................. 38
Table 27. Executive Orders and Presidential Directives ................................................................ 40

Congressional Research Service

Cybersecurity: Legislation, Hearings, and Executive Branch Documents

Contacts
Author Contact Information........................................................................................................... 44
Key CRS Policy Staff .................................................................................................................... 44

Congressional Research Service

Cybersecurity: Legislation, Hearings, and Executive Branch Documents

Legislation
No major legislative provisions relating to cybersecurity had been enacted since 2002, despite
many recommendations made over the past decade.
In the 112th Congress, the White House sent a comprehensive, seven-part legislative proposal
(White House Proposal) to Congress on May 12, 2011.1 Some elements of that proposal were
included in both House and Senate bills. The House passed a series of bills that addressed a
variety of issues—from toughening law enforcement of cybercrimes to giving the Department of
Homeland Security (DHS) oversight of federal information technology and critical infrastructure
security to lessening liability for private companies that adopt cybersecurity best practices. The
Senate pursued a comprehensive cybersecurity bill (S. 3414) with several committees working to
create a single vehicle for passage, backed by the White House, but the bill failed to overcome
two cloture votes and did not pass. Despite the lack of enactment of cybersecurity legislation in
the 113th Congress, there still appears to be considerable support in principle for significant
legislation to address most of the issues.
In the 113th Congress, five cybersecurity bills were signed by the President on December 18,
2014:
• H.R. 2952, the Cybersecurity Workforce Assessment Act, which requires the
DHS to develop a cyber-workforce strategy;
• S. 1353, the Cybersecurity Enhancement Act of 2014, which codifies the
National Institute of Standards and Technology’s (NIST’s) role in cybersecurity;
• S. 1691, the Border Patrol Agent Pay Reform Act of 2014, which gives DHS new
authorities for cybersecurity hiring;
• S. 2519, the National Cybersecurity Protection Act of 2014, which codifies
DHS’s cybersecurity center; and
• S. 2521, the Federal Information Security Modernization Act of 2014, which
reforms federal IT security management.
The National Defense Authorization Act for Fiscal Year 2014 became P.L. 113-66 on December
26, 2013.
In February 2013, the White House issued an executive order designed to improve the
cybersecurity of U.S. critical infrastructure.2 Executive Order 13636 attempts to enhance the
security and resiliency of critical infrastructure through voluntary, collaborative efforts involving
federal agencies and owners and operators of privately owned critical infrastructure, as well as
the use of existing federal regulatory authorities. Given the absence of comprehensive
cybersecurity legislation, some security observers contend that E.O. 13636 is a necessary step in
securing vital assets against cyberthreats. Others have expressed the view that the executive order
could make enactment of a bill less likely or could lead to government intrusiveness into private-
sector activities through increased regulation under existing statutory authority. For further
discussion of the executive order, see CRS Report R42984, The 2013 Cybersecurity Executive
Order: Overview and Considerations for Congress
, by Eric A. Fischer et al.

1 The White House, Complete Cybersecurity Proposal, 2011, http://www.whitehouse.gov/sites/default/files/omb/
legislative/letters/law-enforcement-provisions-related-to-computer-security-full-bill.pdf.
2 Executive Order 13636, “Improving Critical Infrastructure Cybersecurity,” Federal Register 78, no. 33 (February 19,
2013): 11737–11744.
Congressional Research Service
1

Cybersecurity: Legislation, Hearings, and Executive Branch Documents

More than 30 bills have been introduced in the 114th Congress that would address several issues,
including data-breach notification, incidents involving other nation-states, information sharing,
law enforcement and cybercrime, protection of critical infrastructure (CI), workforce
development, and education. The Obama Administration has released proposals for three bills—
on information sharing, data-breach notification, and revision of cybercrime laws. Several bills
have received or are expected to receive committee or floor action.
On April 22, 2015, the House passed H.R. 1560, which will provide liability protection to
companies that share cyber threat information with the government and other companies so long
as personal information is removed before the sharing of such information. On April 23, 2015, the
House passed H.R. 1731, which will encourage the sharing of information with the Department of
Homeland Security by protecting entities from civil liabilities.
For a side-by-side comparison of cybersecurity and information legislation in the 114th Congress,
see CRS Report R43996, Cybersecurity and Information Sharing: Comparison of H.R. 1560 and
H.R. 1731 as Passed by the House
, by Eric A. Fischer and Stephanie M. Logan.
CRS Reports and Other CRS Products: Legislation
• CRS Report R43831, Cybersecurity Issues and Challenges: In Brief, by Eric A.
Fischer
• CRS Report R44069, Cybersecurity and Information Sharing: Comparison of
Legislative Proposals in the 114th Congress, by Eric A. Fischer and Stephanie M.
Logan
• CRS Report R43996, Cybersecurity and Information Sharing: Comparison of
H.R. 1560 and H.R. 1731 as Passed by the House, by Eric A. Fischer and
Stephanie M. Logan
• CRS Report R42114, Federal Laws Relating to Cybersecurity: Overview of
Major Issues, Current Laws, and Proposed Legislation, by Eric A. Fischer
• CRS Report R43821, Legislation to Facilitate Cybersecurity Information
Sharing: Economic Analysis, by N. Eric Weiss
• CRS Report IN10186, Cybersecurity: FISMA Reform, by Eric A. Fischer
• CRS Report R42474, Selected Federal Data Security Breach Legislation, by
Kathleen Ann Ruane
• CRS Report R42475, Data Security Breach Notification Laws, by Gina Stevens
• CRS Legal Sidebar WSLG480, Privacy and Civil Liberties Issues Raised by
CISPA, by Andrew Nolan
• CRS Legal Sidebar WSLG478, House Intelligence Committee Marks Up
Cybersecurity Bill CISPA, by Richard M. Thompson
• CRS Legal Sidebar WSLG481, CISPA, Private Actors, and the Fourth
Amendment, by Richard M. Thompson
• CRS Legal Sidebar WSLG483, Obstacles to Private Sector Cyber Threat
Information Sharing, by Edward C. Liu

Congressional Research Service
2

Cybersecurity: Legislation, Hearings, and Executive Branch Documents

Table 1. 114th Congress Legislation: House
Date
Latest Major
Bill No.
Title
Committee(s)
Introduced
Action Date
H.R. 53
Cyber Security
Education and
January 6, 2015
Referred to
April 29, 2015
Education and
the Workforce;
Subcommittee of
Federal
Homeland
Higher
Workforce
Security;
Education and
Enhancement Act Science, Space,
Workforce
and Technology
Training
H.R. 60
Cyber Defense
Committee on
January 6, 2015
Referred to
January 6, 2015
National Guard
Intelligence
committee
Act
(Permanent
Select)
H.R. 104
Cyber Privacy
Judiciary
January 6, 2015
Referred to
January 22, 2015
Fortification Act
Subcommittee
of 2015
on Crime,
Terrorism,
Homeland
Security, and
Investigations
H.R. 234
Cyber
Armed Services, January 8, 2015
Referred to the
February 2, 2015
Intelligence
Homeland
Subcommittee
Sharing and
Security,
on the
Protection Act
Intelligence
Constitution and
(Permanent),
Civil Justice
Judiciary
H.R. 451
Safe and Secure
Oversight and
January 21, 2015
Ordered to be
May 19, 2015
Federal Websites Government
Reported
Act of 2015
Reform
(Amended) by
Voice Vote
H.R. 580
Data
Energy and
January 28, 2015
Referred to
January 30, 2015
Accountability
Commerce
subcommittee
and Trust Act
H.R. 1073
Critical
Homeland
February 25,
Ordered to be
June 25, 2015
Infrastructure
Security
2015
Reported
Protection Act
(Amended) by
(CIPA)
Voice Vote
H.R. 1560
Protecting Cyber Intelligence
March 24, 2015
Passed by House April 27, 2015
Networks Act
April 22, Roll
Cal Vote 170,
Received in
Senate
H.R. 1584
Cybercrime Anti-
Judiciary
March 24, 2015
Referred to
April 21, 2015
Resale Deterrent
Subcommittee
Extraterritoriality
on Crime,
Revision
Terrorism,
(CARDER) Act
Homeland
Security, and
Investigations
Congressional Research Service
3

Cybersecurity: Legislation, Hearings, and Executive Branch Documents

Date
Latest Major
Bill No.
Title
Committee(s)
Introduced
Action Date
H.R. 1704
Personal Data
Judiciary, Energy March 26, 2015
Referred to
April 29, 2015
Notification and
and Commerce
Subcommittee
Protection Act
on the
Constitution and
Civil Justice
H.R. 1731
National
Homeland
April 14, 2015
Passed House,
April 23, 2015
Cybersecurity
Security
Roll Call Vote
Protection
173
Advancement
Act
H.R. 1753
Executive
Oversight and
April 13, 2015
Referred to
April 13, 2015
Cyberspace
Government
committee
Coordination
Reform
Act
H.R. 1770
Data Security
Energy &
April 14, 2015
Referred to the
April 17, 2015
and Breach
Commerce
Subcommittee
Notification Act
on Commerce,
of 2015
Manufacturing,
and Trade
Source: Compiled by the Congressional Research Service (CRS) from Congress.gov.
Congressional Research Service
4

Cybersecurity: Legislation, Hearings, and Executive Branch Documents

Table 2. 114th Congress Legislation: Senate
Date
Latest Major
Date
Bill No.
Title
Committee(s)
Introduced
Action
S. 135
Secure Data Act
Commerce,
January 8, 2015
Referred to
January 8, 2015
of 2015
Science, and
committee
Transportation
S. 177
Data Security
Commerce,
January 13, 2015
Referred to
January 13, 2015
and Breach
Science, and
committee
Notification Act
Transportation
of 2015
S. 456
Cyber Threat
Homeland
February 11,
Referred to
February 11,
Sharing Act of
Security and
2015
committee
2015
2015
Governmental
Affairs
S. 754
Cybersecurity
Intelligence
March 17, 2015
Committee filed
April 15, 2015
Information
written Report
Sharing Act of
114-32
2015
S. 1027
Cybersecurity
Commerce,
April 21, 2015
Referred to
April 21, 2015
Information
Science and
committee
Sharing Credit
Transportation
Act
S. 1241
Enhanced Grid
Energy and
May 7, 2015
Hearings held
June 9, 2015
Security Act of
Natural
2015
Resources
Source: Compiled by CRS from Congress.gov.

Congressional Research Service
5

Cybersecurity: Legislation, Hearings, and Executive Branch Documents

Table 3 and Table 4 provide lists of Senate and House legislation under consideration in the 113th
Congress.
Table 3. 113th Congress, Major Legislation: Senate
Date
Latest Major
Date
Bill No.
Title
Committee(s)
Introduced
Action
S. 2588
Cybersecurity Information
Intelligence July
10,
Reported to
July 10,
Sharing Act of 2014
2014
Senate without
2014
written report
S. 2521
Federal Information Security Homeland Security
June 24,
P.L. 113-283
December
Modernization Act of 2014
and Government
2014
18, 2014
Affairs
S. 2519
National Cybersecurity and
Homeland Security
June 24,
P.L. 113-282
December
Communications Integration and Governmental
2014
18, 2014
Center Act of 2014
Affairs
S. 2410
Carl Levin National Defense Armed Services
June 2, 2014
With written
June 2, 2014
Authorization Act for Fiscal
report no. 113-
Year 2015
176
S. 2354
DHS Cybersecurity
Homeland Security
May 20,
With written
July 14,
Workforce Recruitment and and Government
2014
report no. 113-
2014
Retention Act of 2014
Affairs
207
S. 1927
Data Security Act of 2014
Banking, Housing, and January 15,
Subcommittee
February 3,
Urban Affairs
2014
on National
2014
Security and
International
Trade and
Finance
hearings held
S. 1691
Border Patrol Agent Pay
Senate Homeland
November
P.L. 113-277
December
Reform Act of 2014
Security and
13, 2013
18, 2014
Governmental Affairs;
House Oversight and
Government Reform;
House Homeland
Security
S. 1353
Cybersecurity Act of 2013
Commerce, Science,
July 24,
P.L. 113-274
December
and Transportation
2013
18, 2014
S. 1197
National Defense
Armed Services
June 20,
P.L. 113-66
December
Authorization for Fiscal
2013
26, 2013
Year 2014
Source: Legislative Information System (LIS).
Congressional Research Service
6

Cybersecurity: Legislation, Hearings, and Executive Branch Documents

Table 4. 113th Congress, Major Legislation: House
Date
Latest Major
Bill No.
Title
Committee(s)
Introduced
Action Date
H.R.
National Defense
Armed Services
April 9, 2014
Passed/agreed to
May 22,
4435
Authorization Act for
in House, Roll
2014
Fiscal Year 2015
no. 240
H.R.
National Cybersecurity
Homeland Security
December
Passed/agreed to
July 28, 2014
3696
and Critical Infrastructure and House Science,
11, 2013
in House, by
Protection Act
Space, and Technology
voice vote
H.R.
Safe and Secure Federal
House Oversight and
December 3,
Passed House by
July 28, 2014
3635
Websites Act of 2014
Government Reform;
2013
voice vote
Senate Homeland
Security and
Governmental Affairs
H.R.
National Defense
House Armed
October 22,
P.L. 113-66
December
3304
Authorization Act for
Services; Senate
2013
26, 2013
Fiscal Year 2014
Armed Services
H.R.
Homeland Security
Homeland Security
September
Passed/agreed to
July 28, 2014
3107
Cybersecurity Boots-on-
17, 2013
in House, Roll
the-Ground Act
No. 457
H.R.
Critical Infrastructure
Homeland Security
August 1,
P.L. 113-246
December
2952
Research and
2013
18, 2014
Development
Advancement Act of 2013
H.R.
Federal Information
Oversight and
March 14,
Passed House.
April 17,
1163
Security Amendments
Government Reform
2013
Referred to
2013
Act of 2013
Senate
Committee on
Homeland
Security and
Governmental
Affairs
H.R.
Advancing America’s
Science, Space, and
March 14,
Passed House,
April 17,
967
Networking and
Technology
2013
Roll No. 108.
2013
Information Technology
Referred to the
Research and
Senate
Development Act of 2013
Commerce,
Science, and
Transportation
Committee
H.R.
Cybersecurity R&D
Science, Space, and
February 15,
Passed House,
April 16,
756
[Research and
Technology
2013
Roll no. 107.
2013
Development]
Congressional
Record text
H.R.
Cyber Intelligence Sharing Permanent Select
February 13,
Passed House.
April 18,
624
and Protection Act
Committee on
2013
Roll no. 117.
2013
(CISPA)
Intelligence
Referred to
Senate Select
Committee on
Intelligence
Source: LIS.
Congressional Research Service
7

Cybersecurity: Legislation, Hearings, and Executive Branch Documents

Table 5 and Table 7 list major Senate and House legislation considered by the 112th Congress.
The tables include bills with committee action, floor action, or significant legislative interest.
Table 6 provides Congressional Record links to Senate floor debate of S. 3414, the Cybersecurity
Act of 2012. Table 8 provides Congressional Record links to House floor debate of H.R. 3523,
the Cyber Intelligence Sharing and Protection Act.
Table 5. 112th Congress, Major Legislation: Senate
Bill No.
Title
Committee(s)
Date Introduced
S. 3414
Cybersecurity Act of 2012
N/A (Placed on Senate Legislative
July 19, 2012
Calendar under Read the First
Time)
S. 3342
SECURE IT
N/A (Placed on Senate Legislative
June 27, 2012
Calendar under General Orders.
Calendar No. 438)
S. 3333
Data Security and Breach Notification
Commerce, Science, and
June 21, 2012
Act of 2012
Transportation
S. 2151
SECURE IT
Commerce, Science, and
March 1, 2012
Transportation
S. 2105
Cybersecurity Act of 2012
Homeland Security and
February 14, 2012
Governmental Affairs
S. 2102
Cybersecurity Information Sharing Act
Homeland Security and
February 13, 2012
of 2012
Governmental Affairs
S. 1535
Personal Data Protection and Breach
Judiciary
September 8, 2011
Accountability Act of 2011
S. 1342
Grid Cyber Security Act
Energy and Natural Resources
July 11, 2011
S. 1151
Personal Data Privacy and Security Act
Judiciary June
7,
2011
of 2011
S. 413
Cybersecurity and Internet Freedom Act Homeland Security and
February 17, 2011
of 2011
Governmental Affairs
Source: LIS.
Table 6. 112th Congress, Senate Floor Debate: S. 3414
Title Date
Congressional Record Pages
Cybersecurity Act of 2012: Motion to Proceed
July 26, 2012
S5419-S5449
Cybersecurity Act of 2012: Motion to Proceed—
July 26, 2012
S5450-S5467
Continued and Cloture Vote
Cybersecurity Act of 2012
July 31, 2012
S5694-S5705
Cybersecurity Act of 2012: Continued
July 31, 2012
S5705-S5724
Cybersecurity Act of 2012: Debate and Cloture Vote
August 2, 2012
S5907-S5919
Cybersecurity Act of 2012: Motion to Proceed
November 14, 2012
S6774-S6784
Source: Congressional Record, Government Publishing Office (GPO).
Congressional Research Service
8

Cybersecurity: Legislation, Hearings, and Executive Branch Documents

Table 7. 112th Congress, Major Legislation: House
Bill No.
Title
Committee(s)
Date Introduced
H.R. 4257
Federal Information Security
Oversight and Government Reform
March 26, 2012
Amendments Act of 2012
H.R. 3834
Advancing America’s Networking and
Science, Space, and Technology
January 27, 2012
Information Technology Research and
Development Act of 2012
H.R. 4263
SECURE IT Act of 2012 Strengthening
Oversight and Government
March 27, 2012
and Enhancing Cybersecurity by Using
Reform; Judiciary; Armed Services;
Research, Education, Information, and
Intelligence (Permanent Select)
Technology
H.R. 3674
PRECISE Act of 2012
Homeland Security; Oversight and
December 15, 2011
Government Reform; Science,
Space, and Technology; Judiciary;
Intelligence (Permanent Select)
H.R. 3523
Cyber Intelligence Sharing and
Committee on Intelligence
November 30, 2011
Protection Act
(Permanent Select)
H.R. 2096
Cybersecurity Enhancement Act of 2012
Science, Space, and Technology
June 2, 2011
H.R. 174
Homeland Security Cyber and Physical
Technology; Education and the
January 5, 2011
Infrastructure Protection Act of 2011
Workforce; Homeland Security
H.R. 76
Cybersecurity Education Enhancement
Homeland Security; House
January 5, 2011
Act of 2011
Oversight and Government Reform
Source: LIS.
Table 8. 112th Congress, House Floor Debate: H.R. 3523
Title Date
Congressional Record Pages
Cyber Intelligence Sharing and Protection Act: Providing for April 26, 2012
H2147-2156
Consideration of Motion to Suspend the Rules
Cyber Intelligence Sharing and Protection Act:
April 26, 2012
H2156-2186
Consideration of the Bill
Source: Congressional Record (GPO).
Hearings in the 114th Congress
The following tables list cybersecurity hearings in the 114th Congress. Table 9 and Table 10
contain identical content but are organized differently. Table 11 lists House hearings arranged by
date (most recent first), and Table 12 lists House hearings arranged by committee. When viewed
in HTML, the document titles are active links to the committee’s website for that particular
hearing.

Congressional Research Service
9


Table 9. 114th Congress, Senate Hearings, by Date
Title Date Committee
Subcommittee
Counterterrorism, Counterintelligence,
July 8, 2015
Intelligence

and the Challenges of "Going Dark"
Cyber Crime: Modernizing our Legal
July 8, 2015
Judiciary

Framework for the Information Age
Under Attack: Federal Cybersecurity and June 25, 2015
Homeland Security and Governmental

the OPM Data Breach
Affairs
OPM Information Technology Spending
June 23, 2015
Appropriations
Financial Services and General
& Data Security
Government
Hearing on Energy Accountability and
June 9, 2015
Energy and Natural Resources

Reform Legislation (including S. 1241,
Enhanced Grid Security Act of 2015)
The IRS Data Breach: Steps to Protect
June 2, 2015
Homeland Security and Governmental

Americans’ Personal Information
Affairs
Cybersecurity: Setting the Rules for
May 14, 2015
Foreign Relations
East Asia, The Pacific, And International
Responsible Global Cyber Behavior
Cybersecurity Policy
Military Cyber Programs and Posture
April 15, 2015
Armed Services
Emerging Threats and Capabilities
From Protection to Partnership: Funding
April 15, 2015
Appropriations
Homeland Security
the DHS role in Cybersecurity
Examining the Evolving Cyber Insurance
March 19, 2015
Commerce, Science and Transportation
Consumer Protection, Product Safety,
Marketplace
Insurance and Data Security
U.S. Strategic Command, U.S.
March 19, 2015
Armed Services

Transportation Command, and U.S.
Cyber Command in review of the
Defense Authorization Request for Fiscal
Year 2016 and the Future Years Defense
Program
[CLOSED] Markup of the "Cybersecurity March 12, 2015
Intelligence

Information Sharing Act of 2015"



Title Date Committee
Subcommittee
The Connected World: Examining the
February 11, 2015
Commerce, Science & Transportation

Internet of Things
Getting it Right on Data Breach and
February 5, 2015
Commerce, Science & Transportation
Consumer Protection, Product Safety,
Notification Legislation in the 114th
Insurance, and Data Security
Congress
Building a More Secure Cyber Future:
February 4, 2015
Commerce, Science & Transportation

Examining Private Sector Experience
with the NIST Framework
Protecting America from Cyber Attacks:
January 28, 2015
Homeland Security and Governmental

The Importance of Information Sharing
Affairs
Source: Compiled by CRS from Congress.gov.
Table 10. 114th Congress, Senate Hearings, by Committee
Committee Subcommittee
Title
Date
Appropriations
Financial Services and General
OPM Information Technology Spending
June 23, 2015
Government
& Data Security
Appropriations
Homeland Security
From Protection to Partnership: Funding
April 15, 2015
the DHS role in Cybersecurity
Armed Services
Emerging Threats and Capabilities
Military Cyber Programs and Posture
April 15, 2015
Armed Services

U.S. Strategic Command, U.S.
March 19, 2015
Transportation Command, and U.S.
Cyber Command in review of the
Defense Authorization Request for Fiscal
Year 2016 and the Future Years Defense
Program
Commerce, Science and Transportation
Consumer Protection, Product Safety,
Examining the Evolving Cyber Insurance
March 19, 2015
Insurance and Data Security
Marketplace
Commerce, Science & Transportation

The Connected World: Examining the
February 11, 2015
Internet of Things



Committee Subcommittee
Title
Date
Commerce, Science & Transportation

Getting it Right on Data Breach and
February 5, 2015
Notification Legislation in the 114th
Congress
Commerce, Science & Transportation

Building a More Secure Cyber Future:
February 4, 2015
Examining Private Sector Experience
with the NIST Framework
Energy and Natural Resources

Hearing on Energy Accountability and
June 9, 2015
Reform Legislation (including S. 1241,
Enhanced Grid Security Act of 2015)
Financial Services

A Global Perspective on Cyber Threats
June 16, 2015
Foreign Relations
East Asia, The Pacific, And International
Cybersecurity: Setting the Rules for
May 14, 2015
Cybersecurity Policy
Responsible Global Cyber Behavior
Homeland Security and Governmental

Under Attack: Federal Cybersecurity and June 25, 2015
Affairs
the OPM Data Breach
Homeland Security and Governmental

The IRS Data Breach: Steps to Protect
June 2, 2015
Affairs
Americans’ Personal Information
Homeland Security and Governmental

Protecting America from Cyber Attacks:
January 28, 2015
Affairs
The Importance of Information Sharing
Intelligence
Counterterrorism,
Counterintelligence,
July 8, 2015
and the Challenges of "Going Dark"
Intelligence

[CLOSED] Markup of the "Cybersecurity March 12, 2015
Information Sharing Act of 2015"
Judiciary

Cyber Crime: Modernizing our Legal
July 8, 2015
Framework for the Information Age
Source: Compiled by CRS from Congress.gov.



Table 11. 114th Congress, House Hearings, by Date
Title Date Committee
Subcommittee
Cybersecurity: The Department of the
July 15, 2015
Oversight and Government Reform
Information Technology AND
Interior
Subcommittee on Interior (Joint hearing)
Is the OPM [Office of Personnel
July 8, 2015
Science, Space and Technology
Research and Technology
Management] Data Breach the Tip of the
Iceberg?
DHS’ Efforts to Secure .Gov
June 24, 2015
Homeland Security
Cybersecurity, Infrastructure Protection
and Security Technology
OPM Data Breach: Part II
June 24, 2015
Oversight and Government Reform

Evaluating the Security of the U.S.
June 24, 2015
Financial Services

Financial Sector (Task Force to
Investigate Terrorism Financing)
OPM Data Security Review
June 23, 2015
Appropriations
Financial Services and General
Government
OPM: Data Breach
June 16, 2015
Oversight and Government Reform

A Global Perspective on Cyber Threats
June 16, 2015
Financial Services

Protecting Critical Infrastructure: How
May 19, 2015
Financial Services
Financial Institutions and Consumer
the Financial Sector Addresses Cyber
Credit
Threats
Protecting Consumers: Financial Data
May 14, 2015
Financial Services

Security in the Age of Computer
Hackers
Enhancing Cybersecurity of Third-Party
April 22, 2015
Oversight and Government Reform

Contractors and Vendors
Small Business, Big Threat: Protecting
April 22, 2015
Small Business

Small Businesses from Cyber Attacks
Ful committee meets to formulate a rule April 21, 2015
Rules

on H.R.1560, the "Protecting Cyber
Networks Act"; and H.R.1731, the
"National Cybersecurity Protection
Advancement Act of 2015



[CLOSED] Special Activities
April 15, 2015
Intelligence
National Security Agency and
Cybersecurity
Markup: H.R. 1731, the National
April 14, 2015
Homeland Security

Cybersecurity Protection Advancement
Act of 2015
Markup of H.R. 1770, The Data Security
April 14, 2015
Energy and Commerce

and Breach Notification Act of 2015
[CLOSED] Markup of "Protecting Cyber
March 26, 2015
Intelligence

Networks Act"
The Internet of Things: Exploring the
March 24, 2015
Energy and Commerce
Commerce, Manufacturing and Trade
Next Technology Frontier
[MARKUP] H.R. 1704, Data Security and
March 24, 2015
Energy and Commerce

Breach Notification Act of 2015
The Growing Cyber Threat and its
March 19, 2015
Intelligence

Impact on American Business
Discussion Draft of H.R. 1704, Data
March 18, 2015
Energy and Commerce
Commerce, Manufacturing, and Trade
Security and Breach Notification Act of
2015
Cybersecurity: The Evolving Nature of
March 18, 2015
Oversight and Government Reform
Information Technology
Cyber Threats Facing the Private Sector
Industry Perspectives on the President’s
March 4, 2015
Homeland Security
Cybersecurity, Infrastructure Protection
Cybersecurity Information Sharing
and Security Technologies
Proposal
Cyber Operations: Improving the
March 4, 2015
Armed Services
Emerging Threats and Capabilities
Military Cyber Security Posture in an
Uncertain Threat Environment.
Understanding the Cyber Threat and
March 3, 2015
Energy and Commerce
Oversight and Investigations
Implications for the 21st Century
Economy
Examining the President’s Cybersecurity
February 25, 22015
Homeland Security

Information Sharing Proposal
Emerging Threats and Technologies to
February 12, 2015
Homeland Security
Cybersecurity, Infrastructure Protection,
Protect the Homeland
and Security Technologies



The Expanding Cyber Threat
January 27, 2015
Science, Space & Technology
Research and Technology
What are the Elements of Sound Data
January 27, 2015
Energy and Commerce

Breach Legislation?
Briefing: The North Korean Threat:
January 13, 2015
Foreign Affairs

Nuclear, Missiles and Cyber
Source: Compiled by CRS from Congress.gov.



Table 12. 114th Congress, House Hearings, by Committee
Committee Subcommittee
Title

Date
Armed Services
Emerging Threats and Capabilities
Cyber Operations: Improving the
March 4, 2015
Military Cyber Security Posture in an
Uncertain Threat Environment
Energy and Commerce

Markup of H.R. 1770, The Data Security
April 14, 2015
and Breach Notification Act of 2015
Energy and Commerce
Commerce, Manufacturing, and Trade
The Internet of Things: Exploring the
March 24, 2015
Next Technology Frontier
Energy and Commerce

[MARKUP] H.R. 1704, Data Security and
March 24, 2015
Breach Notification Act of 2015
Energy and Commerce
Commerce, Manufacturing, and Trade
Discussion Draft of H.R. 1704, Data
March 18, 2015
Security and Breach Notification Act
Energy and Commerce
Oversight and Investigations
Understanding the Cyber Threat and
March 3, 2015
Implications for the 21st Century
Economy
Energy and Commerce

What are the Elements of Sound Data
January 27, 2015
Breach Legislation?
Financial Services

Evaluating the Security of the U.S.
June 24, 2015
Financial Sector (Task Force to
Investigate Terrorism Financing)
Financial Services
Financial Institutions and Consumer
Protecting Critical Infrastructure: How
May 19, 2015
Credit
the Financial Sector Addresses Cyber
Threats
Financial Services

Protecting Consumers: Financial Data
May 14, 2015
Security in the Age of Computer
Hackers
Foreign Affairs

Briefing: The North Korean Threat:
January 13, 2015
Nuclear, Missiles and Cyber
Homeland Security
Cybersecurity, Infrastructure Protection
Oversight and Government Reform
June 24, 2015
and Security Technologies



Committee Subcommittee
Title

Date
Homeland Security

Markup: H.R. 1731, the National
April 14, 2015
Cybersecurity Protection Advancement
Act of 2015
Homeland Security
Cybersecurity, Infrastructure Protection
Industry Perspectives on the President’s
March 4, 2015
and Security Technologies
Cybersecurity Information Sharing
Proposal
Homeland Security

Examining the President’s Cybersecurity
February 25, 2015
Information Sharing Proposal
Homeland Security
Cybersecurity, Infrastructure Protection,
Emerging Threats and Technologies to
February 12, 2015
and Security Technologies
Protect the Homeland
Intelligence
National Security Agency and
[CLOSED] Special Activities
April 15, 2015
Cybersecurity
Intelligence

[CLOSED] Markup of "Protecting Cyber
March 26, 2015
Networks Act"
Intelligence

The Growing Cyber Threat and its
March 19, 2015
Impact on American Business
Oversight and Government Reform
Information Technology AND
Cybersecurity: The Department of the
July 15, 2015
Subcommittee on Interior (Joint hearing
Interior
Oversight and Government Reform

OPM Data Breach: Part II
June 24, 2015
Oversight and Government Reform

OPM: Data Breach
June 16, 2015
Oversight and Government Reform

Enhancing Cybersecurity of Third-Party
April 22, 2015
Contractors and Vendors
Oversight and Government Reform
Information Technology
Cybersecurity: The Evolving Nature of
March 18, 2015
Cyber Threats Facing the Private Sector
Rules

Ful committee meets to formulate a rule April 21, 2015
on H.R.1560, the "Protecting Cyber
Networks Act"; and H.R.1731, the
"National Cybersecurity Protection
Advancement Act of 2015
Science, Space & Technology
Research and Technology
The Expanding Cyber Threat
January 27, 2015



Committee Subcommittee
Title

Date
Small Business

Small Business, Big Threat: Protecting
April 22, 2015
Small Businesses from Cyber Attacks
Source: Compiled by CRS from Congress.gov.

Table 13. 114th Congress, Other Hearings

Committee Subcommittee
Title

Date
U.S.-China Economic and Security

Commercial Cyber Espionage and
June 15, 2015
Review Commission
Barriers to Digital Trade in China
Source: Compiled by CRS




Cybersecurity: Legislation, Hearings, and Executive Branch Documents

Hearings in the 113th Congress
The following tables list cybersecurity hearings in the 113th Congress. Table 14 and Table 15
contain identical content but are organized differently. Table 14 lists House hearings arranged by
date (most recent first), and Table 15 lists House hearings arranged by committee. When viewed
in HTML, the document titles are active links to the committee’s website for that particular
hearing.

Congressional Research Service
19


Table 14. 113th Congress, House Hearings, by Date
Title Date
Committee
Subcommittee
How Data Mining Threatens Student Privacy
June 25, 2014
Homeland Security
Cybersecurity, Infrastructure Protection, and
Security Technologies
Assessing Persistent and Emerging Cyber Threats to
May 21, 2014
Homeland Security
Counterterrorism and Intelligence
the U.S. Homeland
Electromagnetic Pulse (EMP): Threat to Critical
May 8, 2014
Homeland Security
Cybersecurity, Infrastructure Protection, and
Infrastructure
Security Technologies
Protecting Your Personal Data: How Law Enforcement April 16, 2014
Homeland Security
Cybersecurity, Infrastructure Protection, and
Works With the Private Sector to Prevent
Security Technologies (Field Hearing)
Cybercrime
Information Technology and Cyber Operations:
March 12, 2014
Armed Services
Intelligence, Emerging Threats, and
Modernization and Policy Issues in a Changing National
Capabilities
Security Environment
International Cybercrime Protection
March 6, 2014
Science, Space, and Technology
Financial Institutions and Consumer Credit
Data Security: Examining Efforts to Protect Americans’
March 5, 2014
Financial Services

Financial Information
Protecting Consumer Information: Can Data Breaches
February 5, 2014
Energy and Commerce
Commerce, Manufacturing, and Trade
Be Prevented?
A Roadmap for Hackers? - Documents Detailing
January 28, 2014
Oversight and Government

HealthCare.gov Security Vulnerabilities
Reform
HealthCare.gov: Consequences of Stolen Identity
January 19, 2014
Science, Space, and Technology

HHS’ Own Security Concerns About HealthCare.gov
January 16, 2014
Oversight and Government

Reform
Is My Data on Healthcare.gov Secure?
November 19, 2013
Science, Space, and Technology

Security of Healthcare.gov
November 19, 2013
Energy and Commerce

Cyber Side-Effects: How Secure is the Personal
November 13, 2013
Homeland Security

Information Entered into the Flawed Healthcare.gov?
Cyber Incident Response: Bridging the Gap Between
October 30, 2013
Homeland Security
Cybersecurity, Infrastructure Protection, and
Cybersecurity and Emergency Management
Security Technologies
CRS-20


Title Date
Committee
Subcommittee
Cybersecurity: 21st Century Threats, Chal enges, and
October 23, 2013
Permanent Select Committee on

Opportunities
Intelligence
A Look into the Security and Reliability of the Health
September 11, 2013
Homeland Security
Cybersecurity, Infrastructure Protection, and
Exchange Data Hub
Security Technologies
Asia: The Cyber Security Battleground
July 23, 2013
Foreign Affairs
Asia and the Pacific
Oversight of Executive Order 13636 and Development July 18, 2013
Homeland Security
Cybersecurity, Infrastructure Protection, and
of the Cybersecurity Framework
Security Technologies
Reporting Data Breaches: Is Federal Legislation
July 18, 2013
Energy and Commerce
Commerce, Manufacturing, and Trade
Needed to Protect Consumers?
Evaluating Privacy, Security, and Fraud Concerns with
July 17, 2013
(Joint Hearing) Homeland Security

ObamaCare’s Information Sharing Apparatus
and Oversight and Government
Reform
Cyber Espionage and the Theft of U.S. Intel ectual
July 9, 2013
Energy and Commerce
Oversight and Investigation
Property and Technology
Cyber Threats and Security Solutions
May 21, 2013
Energy and Commerce

Cybersecurity: An Examination of the Communications May 21, 2013
Energy and Commerce
Communications and Technology
Supply Chain
Facilitating Cyber Threat Information Sharing and
May 16, 2013
Homeland Security
Cybersecurity, Infrastructure Protection, and
Partnering with the Private Sector to Protect Critical
Security Technologies
Infrastructure: An Assessment of DHS Capabilities
Striking the Right Balance: Protecting Our Nation’s
April 25, 2013
Homeland Security
Cybersecurity, Infrastructure Protection, and
Critical Infrastructure from Cyber Attack and Ensuring
Security Technologies
Privacy and Civil Liberties
Cyber Attacks: An Unprecedented Threat to U.S.
March 21, 2013
Foreign Affairs
Europe, Eurasia, and Emerging Threats
National Security
Protecting Smal Business from Cyber-Attacks
March 21, 2013
Smal Business
Healthcare and Technology
Cybersecurity and Critical Infrastructure [CLOSED
March 20, 2013
Appropriations

hearing]
Cyber Threats from China, Russia and Iran: Protecting
March 20, 2013
Homeland Security
Cybersecurity, Infrastructure Protection, and
American Critical Infrastructure
Security Technologies
CRS-21


Title Date
Committee
Subcommittee
DHS Cybersecurity: Roles and Responsibilities to
March 13, 2013
Homeland Security

Protect the Nation’s Critical Infrastructure
Investigating and Prosecuting 21st Century Cyber
March 13, 2013
Judiciary
Crime, Terrorism, Homeland Security and
Threats
Investigations
Information Technology and Cyber Operations:
March 13, 2013
Armed Services
Intelligence, Emerging Threats, and
Modernization and Policy Issues to Support the Future
Capabilities
Force
Cyber R&D Chal enges and Solutions
February 26, 2013
Science, Space, and Technology
Technology
Advanced Cyber Threats Facing Our Nation
February 14, 2013
Select Committee on Intelligence

Source: Compiled by CRS.
Table 15. 113th Congress, House Hearings, by Committee
Committee Subcommittee
Title
Date
Appropriations

Cybersecurity and Critical Infrastructure [CLOSED
March 20, 2013
hearing]
Armed Services
Intelligence, Emerging Threats, and Capabilities
Information Technology and Cyber Operations:
March 12, 2014
Modernization and Policy Issues in a Changing
National Security Environment
Armed Services
Intelligence, Emerging Threats, and Capabilities
Information Technology and Cyber Operations:
March 13, 2013
Modernization and Policy Issues to Support the
Future Force
Energy and Commerce
Commerce, Manufacturing, and Trade
Protecting Consumer Information: Can Data
February 5, 2014
Breaches Be Prevented?
Energy and Commerce

Security of Healthcare.gov
November 19, 2013
Energy and Commerce
Commerce, Manufacturing, and Trade
Reporting Data Breaches: Is Federal Legislation
July 18, 2013
Needed to Protect Consumers?
Energy and Commerce
Oversight and Investigation
Cyber Espionage and the Theft of U.S. Intellectual
July 9, 2013
Property and Technology
Energy and Commerce

Cyber Threats and Security Solutions
May 21, 2013
CRS-22


Committee Subcommittee
Title
Date
Energy and Commerce
Communications and Technology
Cybersecurity: An Examination of the
May 21, 2013
Communications Supply Chain
Financial Services
Financial Institutions and Consumer Credit
Data Security: Examining Efforts to Protect
March 5, 2014
Americans’ Financial Information
Foreign Affairs
Asia and the Pacific
Asia: The Cyber Security Battleground
July 23, 2013
Foreign Affairs
Europe, Eurasia, and Emerging Threats
Cyber Attacks: An Unprecedented Threat to U.S.
March 21, 2013
National Security
Homeland Security
Cybersecurity, Infrastructure Protection, and
How Data Mining Threatens Student Privacy
June 25, 2014
Security Technologies
Homeland Security
Counterterrorism and Intelligence
Assessing Persistent and Emerging Cyber Threats to May 21, 2014
the U.S. Homeland
Homeland Security
Cybersecurity, Infrastructure Protection, and
Electromagnetic Pulse (EMP): Threat to Critical
May 8, 2014
Security Technologies
Infrastructure
Homeland Security
Cybersecurity, Infrastructure Protection, and
Protecting Your Personal Data: How Law
April 16, 2014
Security Technologies (Field Hearing)
Enforcement Works With the Private Sector to
Prevent Cybercrime
Homeland Security

Cyber Side-Effects: How Secure is the Personal
November 13, 2013
Information Entered into the Flawed
Healthcare.gov?
Homeland Security
Cybersecurity, Infrastructure Protection, and
Cyber Incident Response: Bridging the Gap
October 30, 2013
Security Technologies
Between Cybersecurity and Emergency
Management
Homeland Security
Cybersecurity, Infrastructure Protection, and
A Look into the Security and Reliability of the
September 11, 2013
Security Technologies
Health Exchange Data Hub
Homeland Security
Cybersecurity, Infrastructure Protection, and
Oversight of Executive Order 13636 and
July 18, 2013
Security Technologies
Development of the Cybersecurity Framework
Homeland Security (Joint Hearing with
Cybersecurity, Infrastructure Protection, and
Facilitating Cyber Threat Information Sharing and
May 16, 2013
Oversight and Government Reform)
Security Technologies, and Energy Policy, Health
Partnering with the Private Sector to Protect
Care, and Entitlements (Joint Hearing)
Critical Infrastructure: An Assessment of DHS
Capabilities
CRS-23


Committee Subcommittee
Title
Date
Homeland Security
Cybersecurity, Infrastructure Protection, and
Striking the Right Balance: Protecting Our Nation’s
April 25, 2013
Security Technologies
Critical Infrastructure from Cyber Attack and
Ensuring Privacy and Civil Liberties
Homeland Security
Cybersecurity, Infrastructure Protection, and
Cyber Threats from China, Russia and Iran:
March 20, 2013
Security Technologies
Protecting American Critical Infrastructure
Homeland Security
Cybersecurity, Infrastructure Protection, and
DHS Cybersecurity: Roles and Responsibilities to
March 13, 2013
Security Technologies
Protect the Nation’s Critical Infrastructure
Judiciary
Crime, Terrorism, Homeland Security, and
Investigating and Prosecuting 21st Century Cyber
March 13, 2013
Investigations
Threats
Oversight and Government Reform

A Roadmap for Hackers? - Documents Detailing
January 28, 2014
HealthCare.gov Security Vulnerabilities
Oversight and Government Reform

HHS’ Own Security Concerns About
January 16, 2014
HealthCare.gov
Oversight and Government Reform
Energy Policy, Health Care, and Entitlements (Joint Evaluating Privacy, Security, and Fraud Concerns
July 18, 2013
(Joint Hearing with Homeland
Hearing with Cybersecurity, Infrastructure
with ObamaCare’s Information Sharing Apparatus
Security)
Protection, and Security Technologies)
Science, Space, and Technology

International Cybercrime Protection
March 6, 2014
Science, Space, and Technology

HealthCare.gov: Consequences of Stolen Identity
January 19, 2014
Science, Space, and Technology

Is My Data on Healthcare.gov Secure?
November 19, 2013
Science, Space, and Technology
Technology
Cyber R&D [Research and Development]
February 26, 2013
Challenges and Solutions
Select Committee on Intelligence

Advanced Cyber Threats Facing Our Nation
February 14, 2013
Small Business
Healthcare and Technology
Protecting Smal Business from Cyber-Attacks
March 21, 2013
Source: Compiled by CRS.
CRS-24


Table 16. 113th Congress, House Committee Markups, by Date
Committee Subcommittee
Title Date
Homeland Security
H.R. 3696, National Cybersecurity and Critical
February 5, 2014

Infrastructure Protection Act
Homeland Security
Cybersecurity, Infrastructure Protection, and
H.R. 3696, National Cybersecurity and Critical
January 15, 2014
Security Technologies
Infrastructure Protection Act
Homeland Security
Cybersecurity, Infrastructure Protection, and
H.R. 2952, CIRDA Act of 2013, and H.R. 3107, the
September 18, 2013
Security Technologies
Homeland Security Cybersecurity Boots-on-the-
Ground Act
Source: Compiled by CRS.
Table 17. 113th Congress, Senate Hearings, by Date
Title Date
Committee
Subcommittee
Cybersecurity: Enhancing Coordination to Protect the
December 10, 2014
Banking, Housing, and Urban Affairs

Financial Sector
Taking Down Botnets: Public and Private Efforts to Disrupt
July 15, 2014
Judiciary
Crime and Terrorism
and Dismantle Cybercriminal Networks
Investing in Cybersecurity: Understanding Risks and Building
May 7, 2014
Appropriations
Homeland Security
Capabilities for the Future
Data Breach on the Rise: Protecting Personal Information
April 2, 2014
Homeland Security and Governmental Affairs

from Harm
Protecting Personal Consumer Information from Cyber
March 26, 2014
Commerce, Science, and Transportation

Attacks and Data Breaches
Strengthening Public-Private Partnerships to Reduce Cyber
March 26, 2014
Homeland Security and Governmental Affairs

Risks to Our Nation’s Critical Infrastructure
Nomination of Vice Admiral Michael S. Rogers, USN to be
March 11, 2014
Armed Services

admiral and Director, National Security Agency/ Chief,
Central Security Services/ Commander, U.S. Cyber Command
U.S. Strategic Command and U.S. Cyber Command in review
February 27, 2014
Armed Services

of the fiscal 2015 Defense Authorization Request and the
Future Years Defense Program
CRS-25


Title Date
Committee
Subcommittee
Oversight of Financial Stability and Data Security
February 6, 2014
Banking, Housing, and Urban Affairs

Privacy in the Digital Age: Preventing Data Breaches and
February 4, 2014
Judiciary

Combating Cybercrime
Safeguarding Consumers’ Financial Data, Panel 2,
February 3, 2014
Banking, Housing, and Urban Affairs
National Security and
International Trade and Finance
The Partnership Between NIST [National Institute of
July 25, 2013
Commerce, Science, and Transportation

Standards and Technology] and the Private Sector: Improving
Cybersecurity
Resilient Military Systems and the Advanced Cyber Threat
June 26, 2013
Armed Services

(CLOSED BRIEFING)
Cybersecurity: Preparing for and Responding to the Enduring
June 12, 2013
Appropriations

Threat
Cyber Threats: Law Enforcement and Private Sector
May 8, 2013
Judiciary
Crime and Terrorism
Responses
Defense Authorization: Cybersecurity Threats: To receive a
March 19, 2013
Armed Services
Emerging Threats and Capabilities
briefing on cybersecurity threats in review of the Defense
Authorization Request for Fiscal Year 2014 and the Future
Years Defense Program
Fiscal 2014 Defense Authorization, Strategic Command: U.S.
March 12, 2013
Armed Services

Cyber Command
The Cybersecurity Partnership Between the Private Sector
March 7, 2013
(Joint) Homeland Security and Governmental

and Our Government: Protecting Our National and Economic
Affairs and Commerce, Science, and
Security
Transportation
Source: Compiled by CRS.
CRS-26


Table 18. 113th Congress, Other Hearings, by Date
Title Date
Committee
Subcommittee
U.S.-China Cybersecurity Issues
July 11, 2013
Congressional-Executive Commission on China

Chinese Hacking: Impact on Human Rights and Commercial June 25, 2013
Congressional-Executive Commission on China

Rule of Law
Source: Compiled by CRS.
Table 19. 113th Congress, Senate Hearings, by Committee
Committee Subcommittee
Title
Date
Appropriations
Homeland Security
Investing in Cybersecurity: Understanding Risks and
May 7, 2014
Building Capabilities for the Future
Appropriations

Cybersecurity: Preparing for and Responding to the
June 12, 2013
Enduring Threat
Armed Services

Nomination of Vice Admiral Michael S. Rogers, USN to
March 11, 2014
be admiral and Director, National Security Agency/ Chief,
Central Security Services/ Commander, U.S. Cyber
Command
Armed Services

U.S. Strategic Command and U.S. Cyber Command in
February 27, 2014
review of the Fiscal 2015 Defense Authorization Request
and the Future Years Defense Program
Armed Services

Resilient Military Systems and the Advanced Cyber Threat June 26, 2013
(CLOSED BRIEFING)
Armed Services
Emerging Threats and Capabilities
Defense Authorization: Cybersecurity Threats
March 19, 2013
Armed Services

Fiscal 2014 Defense Authorization, Strategic Command:
March 12, 2013
U.S. Cyber Command
Banking, Housing, and Urban Affairs

Cybersecurity: Enhancing Coordination to Protect the
December 10, 2014
Financial Sector
Banking, Housing, and Urban Affairs

Oversight of Financial Stability and Data Security
February 6, 2014
Banking, Housing, and Urban Affairs
National Security and International
Safeguarding Consumers’ Financial Data
February 3, 2014
Trade and Finance
CRS-27


Committee Subcommittee
Title
Date
Commerce, Science, and Transportation

Protecting Personal Consumer Information from Cyber
March 26, 2014
Attacks and Data Breaches
Commerce, Science, and Transportation

The Partnership Between NIST [National Institute of
July 25, 2013
Standards and Technology] and the Private Sector:
Improving Cybersecurity
Homeland Security and Governmental

Data Breach on the Rise: Protecting Personal Information
April 2, 2014
Affairs
from Harm
Homeland Security and Governmental

Strengthening Public-Private Partnerships to Reduce
March 26, 2014
Affairs
Cyber Risks to Our Nation’s Critical Infrastructure
(Joint) Homeland Security and Governmental
The Cybersecurity Partnership Between the Private
March 7, 2013
Affairs and Commerce, Science, and
Sector and Our Government: Protecting Our National
Transportation
and Economic Security
Judiciary
Crime and Terrorism
Taking Down Botnets: Public and Private Efforts to
July 15, 2014
Disrupt and Dismantle Cybercriminal Networks
Judiciary

Privacy in the Digital Age: Preventing Data Breaches and
February 4, 2014
Combating Cybercrime
Judiciary
Crime and Terrorism
Cyber Threats: Law Enforcement and Private Sector
May 8, 2013
Responses
Source: Compiled by CRS.
Table 20. 113th Congress, Other Hearings, by Committee
Committee Subcommittee
Title
Date
Congressional-Executive Commission on

U.S.-China Cybersecurity Issues
July 11, 2013
China
Congressional-Executive Commission on

Chinese Hacking: Impact on Human Rights and
June 25, 2013
China
Commercial Rule of Law
Source: Compiled by CRS.

CRS-28

Cybersecurity: Legislation, Hearings, and Executive Branch Documents

Hearings in the 112th Congress
The following tables list cybersecurity hearings in the 112th Congress. Table 21 and Table 22
contain identical content but are organized differently. Table 21 lists House hearings arranged by
date (most recent first) and Table 22 lists House hearings arranged by committee. Table 23 lists
House markups by date; Table 24 and Table 25 contain identical content. Table 24 lists Senate
hearings arranged by date and Table 25 lists Senate hearings arranged by committee. Table 26
lists two congressional committee investigative reports: the House Permanent Select Committee
on Intelligence investigative report into the counterintelligence and security threats posed by
Chinese telecommunications companies doing business in the United States, and the Senate
Permanent Subcommittee on Investigations’ review of U.S. Department of Homeland Security
efforts to engage state and local intelligence “fusion centers.” When viewed in HTML, the
document titles are active links to the committee’s website for that particular hearing.

Congressional Research Service
29


Table 21. 112th Congress, House Hearings, by Date
Title Date
Committee
Subcommittee
Investigation of the Security Threat Posed by Chinese
September 13, 2012
Permanent Select Committee on

Telecommunications Companies Huawei and ZTE
Intelligence
Resilient Communications: Current Challenges and
September 12, 2012
Homeland Security
Emergency Preparedness, Response, and
Future Advancements
Communications
Cloud Computing: An Overview of the Technology
July 25, 2012
Judiciary
Intellectual Property, Competition, and the
and the Issues facing American Innovators
Internet
Digital Warriors: Improving Military Capabilities for
July 25, 2012
Armed Services
Emerging Threats and Capabilities
Cyber Operations
Cyber Threats to Capital Markets and Corporate
June 1, 2012
Financial Services
Capital Markets and Government
Accounts
Sponsored Enterprises
Iranian Cyber Threat to U.S. Homeland
April 26, 2012
Homeland Security
Cybersecurity, Infrastructure Protection,
and Security Technologies and
Counterterrorism and Intelligence
America is Under Cyber Attack: Why Urgent Action
April 24, 2012
Homeland Security
Oversight, Investigations and Management
is Needed
The DHS and DOE National Labs: Finding Efficiencies
April 19, 2012
Homeland Security
Cybersecurity, Infrastructure Protection,
and Optimizing Outputs in Homeland Security
and Security Technologies
Research and Development
Cybersecurity: Threats to Communications Networks
March 28, 2012
Energy and Commerce
Communications and Technology
and Public-Sector Responses
IT Supply Chain Security: Review of Government and
March 27, 2012
Energy and Commerce
Oversight and Investigations
Industry Efforts
Fiscal Year 2013 Budget Request for Information
March 20, 2012
Armed Services
Emerging Threats and Capabilities
Technology and Cyber Operations Programs
Cybersecurity: The Pivotal Role of Communications
March 7, 2012
Energy and Commerce
Communications and Technology
Networks
NASA Cybersecurity: An Examination of the Agency’s
February 29, 2012
Science, Space, and Technology
Investigations and Oversight
Information Security
Critical Infrastructure Cybersecurity: Assessments of
February 28, 2012
Energy and Commerce
Oversight and Investigations
Smart Grid Security
Hearing on Draft Legislative Proposal on
December 6, 2011
Homeland Security and
Cybersecurity, Infrastructure Protection,
Cybersecurity
Governmental Affairs
and Security Technologies
CRS-30


Title Date
Committee
Subcommittee
Cyber Security: Protecting Your Smal Business
December 1, 2011
Smal Business
Healthcare and Technology
Combating Online Piracy (H.R. 3261, Stop the Online
November 16, 2011
Judiciary

Piracy Act)
Cybersecurity: Protecting America’s New Frontier
November 15, 2011
Judiciary
Crime, Terrorism and Homeland Security
Institutionalizing Irregular Warfare Capabilities
November 3, 2011
Armed Services
Emerging Threats and Capabilities
Cloud Computing: What are the Security Implications?
October 6, 2011
Homeland Security
Cybersecurity, Infrastructure Protection,
and Security Technologies
Cyber Threats and Ongoing Efforts to Protect the
October 4, 2011
Permanent Select Intelligence

Nation
The Cloud Computing Outlook
September 21, 2011
Science, Space, and Technology
Technology and Innovation
Cybersecurity: Threats to the Financial Sector
September 14, 2011
Financial Services
Financial Institutions and Consumer Credit
Cybersecurity: An Overview of Risks to Critical
July 26, 2011
Energy and Commerce
Oversight and Investigations
Infrastructure
Cybersecurity: Assessing the Nation’s Ability to
July 7, 2011
Oversight and Government Reform
Address the Growing Cyber Threat
Field Hearing: “Hacked Off: Helping Law Enforcement
June 29, 2011
Financial Services (field hearing in

Protect Private Financial Information"
Hoover, AL)
Examining the Homeland Security Impact of the
June 24, 2011
Homeland Security
Cybersecurity, Infrastructure Protection,
Obama Administration’s Cybersecurity Proposal
and Security Technologies
Sony and Epsilon: Lessons for Data Security Legislation June 2, 2011
Energy and Commerce
Commerce, Manufacturing, and Trade
Protecting the Electric Grid: the Grid Reliability and
May 31, 2011
Energy and Commerce

Infrastructure Defense Act
Unlocking the SAFETY Act’s [Support Anti-terrorism
May 26, 2011
Homeland Security
Cybersecurity, Infrastructure Protection,
by Fostering Effective Technologies—P.L. 107-296]
and Security Technologies
Potential to Promote Technology and Combat
Terrorism
Protecting Information in the Digital Age: Federal
May 25, 2011
Science, Space, and Technology
Research and Science Education and
Cybersecurity Research and Development Efforts
Technology and Innovation
Cybersecurity: Innovative Solutions to Challenging
May 25, 2011
Judiciary
Intellectual Property, Competition and the
Problems
Internet
Cybersecurity: Assessing the Immediate Threat to the
May 25, 2011
Oversight and Government Reform National Security, Homeland Defense and
United States
Foreign Operations
CRS-31


Title Date
Committee
Subcommittee
DHS Cybersecurity Mission: Promoting Innovation and April 15, 2011
Homeland Security
Cybersecurity, Infrastructure Protection,
Securing Critical Infrastructure
and Security Technologies
Communist Chinese Cyber-Attacks, Cyber-Espionage
April 15, 2011
Foreign Affairs
Oversight and Investigations
and Theft of American Technology
Budget Hearing—National Protection and Programs
March 31, 2011
Appropriations (closed/classified)
Energy and Power
Directorate, Cybersecurity and Infrastructure
Protection Programs
Examining the Cyber Threat to Critical Infrastructure
March 16, 2011
Homeland Security
Cybersecurity, Infrastructure Protection,
and the American Economy
and Security Technologies
2012 Budget Request from U.S. Cyber Command
March 16, 2011
Armed Services
Emerging Threats and Capabilities
What Should the Department of Defense’s Role in
February 11, 2011
Armed Services
Emerging Threats and Capabilities
Cyber Be?
Preventing Chemical Terrorism: Building a Foundation
February 11, 2011
Homeland Security
Cybersecurity, Infrastructure Protection,
of Security at Our Nation’s Chemical Facilities
and Security Technologies
World Wide Threats
February 10, 2011
Permanent Select Intelligence

Source: Compiled by CRS.
Table 22. 112th Congress, House Hearings, by Committee
Committee Subcommittee
Title
Date
Appropriations

Budget Hearing—National Protection and Programs Directorate,
March 31, 2011
(closed/classified)
Cybersecurity and Infrastructure Protection Programs
Armed Services
Emerging Threats and Capabilities
Digital Warriors: Improving Military Capabilities for Cyber Operations
July 25, 2012
Armed Services
Emerging Threats and Capabilities
Fiscal 2013 Defense Authorization: IT and Cyber Operations
March 20, 2012
Armed Services
Emerging Threats and Capabilities
Institutionalizing Irregular Warfare Capabilities
November 3, 2011
Armed Services
Emerging Threats and Capabilities
2012 Budget Request for U.S. Cyber Command
March 16, 2011
Armed Services
Emerging Threats and Capabilities
What Should the Department of Defense’s Role in Cyber Be?
February 11, 2011
Energy and Commerce Communications and Technology
Cybersecurity: Threats to Communications Networks and Public-Sector
March 28, 2012
Responses
Energy and Commerce Oversight and Investigations
IT Supply Chain Security: Review of Government and Industry Efforts
March 27, 2012
Energy and Commerce Communications and Technology
Cybersecurity: The Pivotal Role of Communications Networks
March 7, 2012
CRS-32


Committee Subcommittee
Title
Date
Energy and Commerce Oversight and Investigations
Critical Infrastructure Cybersecurity: Assessments of Smart Grid Security
February 28, 2012
Energy and Commerce Oversight and Investigations
Cybersecurity: An Overview of Risks to Critical Infrastructure
July 26, 2011
Energy and Commerce Commerce, Manufacturing, and Trade
Sony and Epsilon: Lessons for Data Security Legislation
June 2, 2011
Energy and Commerce Energy and Power
Protecting the Electric Grid: the Grid Reliability and Infrastructure Defense
May 31, 2011
Act
Financial Services
Capital Markets and Government Sponsored
Cyber Threats to Capital Markets and Corporate Account
June 1, 2012
Enterprises
Financial Services
Financial Institutions and Consumer Credit
Cybersecurity: Threats to the Financial Sector
September 14, 2011
Financial Services
Field hearing in Hoover, AL
Field Hearing: “Hacked Off: Helping Law Enforcement Protect Private
June 29, 2011
Financial Information”
Foreign Affairs
Oversight and Investigations
Communist Chinese Cyber-Attacks, Cyber-Espionage and Theft of
April 15, 2011
American Technology
Homeland Security
Emergency Preparedness, Response, and
Resilient Communications: Current Challenges and Future Advancement
September 12, 2012
Communications
Homeland Security
Cybersecurity, Infrastructure Protection, and Iranian Cyber Threat to U.S. Homeland
April 26, 2012
Security Technologies and Counterterrorism
and Intelligence
Homeland Security
Oversight, Investigations and Management
America is Under Cyber Attack: Why Urgent Action is Needed
April 24, 2012
Homeland Security
Cybersecurity, Infrastructure Protection, and The DHS and DOE National Labs: Finding Efficiencies and Optimizing
April 19, 2012
Security Technologies
Outputs in Homeland Security Research and Development
Homeland Security
Cybersecurity, Infrastructure Protection, and Hearing on Draft Legislative Proposal on Cybersecurity
December 6, 2011
Security Technologies
Homeland Security
Cybersecurity, Infrastructure Protection, and Cloud Computing: What are the Security Implications?
October 6, 2011
Security Technologies
Homeland Security
Cybersecurity, Infrastructure Protection, and Examining the Homeland Security Impact of the Obama Administration’s
June 24, 2011
Security Technologies
Cybersecurity Proposal
Homeland Security

Unlocking the SAFETY Act’s [Support Anti-terrorism by Fostering Effective May 26, 2011
Technologies—P.L. 107-296] Potential to Promote Technology and
Combat Terrorism
Homeland Security
Cybersecurity, Infrastructure Protection, and DHS Cybersecurity Mission: Promoting Innovation and Securing Critical
April 15, 2011
Security Technologies
Infrastructure
CRS-33


Committee Subcommittee
Title
Date
Homeland Security
Cybersecurity, Infrastructure Protection, and Examining the Cyber Threat to Critical Infrastructure and the American
March 16, 2011
Security Technologies
Economy
Homeland Security
Cybersecurity, Infrastructure Protection, and Preventing Chemical Terrorism: Building a Foundation of Security at Our
February 11, 2011
Security Technologies
Nation’s Chemical Facilities
Judiciary
Intellectual Property, Competition, and the
Cloud Computing: An Overview of the Technology and the Issues facing
July 25, 2012
Internet
American Innovators
Judiciary

Combating Online Piracy (H.R. 3261, Stop the Online Piracy Act)
November 16, 2011
Judiciary
Crime, Terrorism and Homeland Security
Cybersecurity: Protecting America’s New Frontier
November 15, 2011
Judiciary
Intellectual Property, Competition, and the
Cybersecurity: Innovative Solutions to Challenging Problems
May 25, 2011
Internet
Oversight and

Cybersecurity: Assessing the Nation’s Ability to Address the Growing
July 7, 2011
Government Reform
Cyber Threat
Oversight and
Subcommittee on National Security,
Cybersecurity: Assessing the Immediate Threat to the United States
May 25, 2011
Government Reform
Homeland Defense and Foreign Operations
Permanent Select

Investigation of the Security Threat Posed by Chinese Telecommunications
September 13, 2012
Intelligence
Companies Huawei and ZTE
Permanent Select

Cyber Threats and Ongoing Efforts to Protect the Nation
October 4, 2011
Intelligence
Permanent Select

World Wide Threats
February 10, 2011
Intelligence
Science, Space, and
Investigations and Oversight
NASA Cybersecurity: An Examination of the Agency’s Information Security
February 29, 2012
Technology
Science, Space, and
Technology and Innovation
The Cloud Computing Outlook
September 21, 2011
Technology
Science, Space, and
Research and Science Education and
Protecting Information in the Digital Age: Federal Cybersecurity Research
May 25, 2011
Technology
Technology and Innovation
and Development Efforts
Smal Business
Healthcare and Technology
Cyber Security: Protecting Your Smal Business
November 30, 2011
Source: Compiled by CRS.
CRS-34


Table 23. 112th Congress, House Markups, by Date
Title Date
Committee
Subcommittee
Consideration and Markup of H.R. 3674
February 1, 2012
Homeland Security
Cybersecurity, Infrastructure
Protection, and Security
Technologies
Markup: Draft Bill: Cyber Intelligence Sharing and Protection Act of 2011
December 1, 2011
Permanent Select Intelligence

Markup on H.R. 2096, Cybersecurity Enhancement Act of 2011
July 21, 2011
Science, Space, and

Technology
Discussion Draft of H.R. 2577, a bill to require greater protection for
June 15, 2011
Energy and Commerce
Commerce, Manufacturing, and
sensitive consumer data and timely notification in case of breach
Trade
Source: Compiled by CRS.
Table 24. 112th Congress, Senate Hearings, by Date
Title
Date
Committee
Subcommittee
State of Federal Privacy and Data Security Law: Lagging Behind the Times?
July 31, 2012
Homeland Security and
Oversight of Government
Governmental Affairs
Management, the Federal Workforce
and the District of Columbia
Cyber Security and the Grid
July 17, 2012
Energy and Natural Resources

Committee
U.S. Strategic Command and U.S. Cyber Command
March 27, 2012
Armed Services

Cybersecurity Research and Development
March 20, 2012
Armed Services
Emerging Threats and Capabilities
The Freedom of Information Act: Safeguarding Critical Infrastructure
March 13, 2012
Judiciary

Information and the Public’s Right to Know
Securing America’s Future: The Cybersecurity Act of 2012
February 16, 2012
Homeland Security and

Governmental Affairs
Cybercrime: Updating the Computer Fraud and Abuse Act to Protect
September 7, 2011
Judiciary

Cyberspace and Combat Emerging Threats
Role of Small Businesses in Strengthening Cybersecurity Efforts in the United
July 25, 2011
Small Business and

States
Entrepreneurship
Privacy and Data Security: Protecting Consumers in the Modern World
June 29, 2011
Commerce, Science, and

Transportation
Cybersecurity: Evaluating the Administration’s Proposals
June 21, 2011
Judiciary
Crime and Terrorism
CRS-35


Title
Date
Committee
Subcommittee
Cybersecurity and Data Protection in the Financial Sector
June 21, 2011
Banking, Housing, and Urban

Affairs
Protecting Cyberspace: Assessing the White House Proposal
May 23, 2011
Homeland Security and

Governmental Affairs
Cybersecurity of the Bulk-Power System and Electric Infrastructure and for
May 5, 2011
Energy and Natural Resources

Other Purposes
Health and Status of the Defense Industrial Base
May 3, 2011
Armed Services
Emerging Threats and Capabilities
Cyber Security: Responding to the Threat of Cyber Crime and Terrorism
April 12, 2011
Judiciary
Crime and Terrorism
Oversight of the Federal Bureau of Investigation
March 30, 2011
Judiciary

Cybersecurity and Critical Electric Infrastructurea (closed hearing)
March 15, 2011
Energy and Natural Resources

Information Sharing in the Era of WikiLeaks: Balancing Security and
March 10, 2011
Homeland Security and

Collaboration
Governmental Affairs
Homeland Security Department’s Budget Submission for Fiscal Year 2012
February 17, 2011
Homeland Security and

Governmental Affairs
Source: Compiled by CRS.
a. The March 15, 2011, hearing before the Committee on Energy and Natural Resources was closed.
Table 25. 112th Congress, Senate Hearings, by Committee
Committee Subcommittee
Title
Date
Armed Services
Emerging Threats and
Cybersecurity Research and Development
March 20, 2012
Capabilities
Armed Services

U.S. Strategic Command and U.S. Cyber Command
March 27, 2012
Armed Services
Emerging Threats and
Health and Status of the Defense Industrial Base
May 3, 2011
Capabilities
Banking, Housing, and Urban Affairs

Cybersecurity and Data Protection in the Financial Sector
June 21, 2011
Commerce, Science, and Transportation

Privacy and Data Security: Protecting Consumers in the Modern World
June 29, 2011
Energy and Natural Resources

Cybersecurity and the Grid
July 17, 2012
CRS-36


Committee Subcommittee
Title
Date
Energy and Natural Resources

Cybersecurity of the Bulk-Power System and Electric Infrastructure and
May 5, 2011
For Other Purposes
Energy and Natural Resources (closed)a

Cybersecurity and Critical Electric Infrastructure
March 15, 2011
Homeland Security and Governmental
Oversight of Government State of Federal Privacy and Data Security Law: Lagging Behind the Times? July 31, 2012
Affairs
Management, the Federal
Workforce and the
District of Columbia
Homeland Security and Governmental

Securing America’s Future: The Cybersecurity Act of 2012
February 16, 2012
Affairs
Homeland Security and Governmental

Protecting Cyberspace: Assessing the White House Proposal
May 23, 2011
Affairs
Homeland Security and Governmental

Information Sharing in the Era of WikiLeaks: Balancing Security and
March 10, 2011
Affairs
Collaboration
Homeland Security and Governmental

Homeland Security Department’s Budget Submission for Fiscal Year 2012
February 17, 2011
Affairs
Judiciary

The Freedom of Information Act: Safeguarding Critical Infrastructure
March 13, 2012
Information and the Public’s Right to Know
Judiciary

Cybercrime: Updating the Computer Fraud and Abuse Act to Protect
September 7, 2011
Cyberspace and Combat Emerging Threats
Judiciary
Crime and Terrorism
Cybersecurity: Evaluating the Administration’s Proposals
June 21, 2011
Judiciary
Crime and Terrorism
Cyber Security: Responding to the Threat of Cyber Crime and Terrorism
April 12, 2011
Judiciary

Oversight of the Federal Bureau of Investigation
March 30, 2011
Smal Business and Entrepreneurship

Role of Smal Business in Strengthening Cybersecurity Efforts in the
July 25, 2011
United States
Source: Compiled by CRS.
a. The March 15, 2011, hearing before the Committee on Energy and Natural Resources was closed.
CRS-37


Table 26. 112th Congress, Congressional Committee Investigative Reports
Title Committee
Date
Pages
Notes
Investigative Report on the U.S.
House Permanent Select
October 8, 2012
60
The committee initiated this investigation in November 2011
National Security Issues Posed by
Committee on Intelligence
to inquire into the counterintelligence and security threat
Chinese Telecommunications
posed by Chinese telecommunications companies doing
Companies Huawei and ZTE
business in the United States.
Federal Support for and Involvement
U. S. Senate Permanent
October 3, 2012
141
A two-year bipartisan investigation found that U.S.
in State and Local Fusion Centers
Subcommittee on
Department of Homeland Security efforts to engage state
Investigations
and local intelligence “fusion centers” has not yielded
significant useful information to support federal
counterterrorism intelligence efforts. In Section VI, “Fusion
Centers Have Been Unable to Meaningfully Contribute to
Federal Counterterrorism Efforts,” Part G, “Fusion Centers
May Have Hindered, Not Aided, Federal Counterterrorism
Efforts,” the report discusses the Russian “Cyberattack” in
Illinois.
Source: Compiled by CRS.

CRS-38

Cybersecurity: Legislation, Hearings, and Executive Branch Documents

Executive Orders and Presidential Directives
Executive orders are official documents through which the President of the United States
manages the operations of the federal government. Presidential directives guide the federal
rulemaking policy and are signed or authorized by the President.
CRS Reports on Executive Orders and Presidential Directives
The following reports provide additional information on executive orders and presidential
directives:
• CRS Report R42984, The 2013 Cybersecurity Executive Order: Overview and
Considerations for Congress, by Eric A. Fischer et al.
• CRS Report RS20846, Executive Orders: Issuance, Modification, and
Revocation, by Vivian S. Chu and Todd Garvey.
• CRS Report R42740, National Security and Emergency Preparedness
Communications: A Summary of Executive Order 13618, by Shawn Reese.
• CRS Report 98-611, Presidential Directives: Background and Overview, by
Elaine Halchin.
Table 27 provides a list of executive orders and presidential directives pertaining to
cybersecurity. (Titles are linked to documents.)

Congressional Research Service
39


Table 27. Executive Orders and Presidential Directives
(by date of issuance)
Title Date
Source Notes
E.O. 13694, Blocking the Property of Certain Persons
April 1, 2015
White House
The executive order establishes the first sanctions program to
Engaging in Significant Malicious Cyber-Enabled Activities
allow the Administration to impose penalties on individuals
overseas who engage in destructive attacks or commercial
espionage in cyberspace. The order declares “significant
malicious cyber-enabled activities” a “national emergency” and
enables the Treasury Secretary to target foreign individuals and
entities that take part in the illicit cyberactivity for sanctions that
could include freezing their financial assets and barring
commercial transactions with them.
Presidential Memorandum—Establishment of the Cyber
February 25, 2015
White House
The CTIIC will be a national intelligence center focused on
Threat Intelligence Integration Center
“connecting the dots” regarding malicious foreign cyber threats
to the nation and cyber incidents affecting U.S. national
interests, and on providing all-source analysis of threats to U.S.
policymakers. The CTIIC will also assist relevant departments
and agencies in their efforts to identify, investigate, and mitigate
those threats
E.O. 13691, Encouraging Private-Sector Cybersecurity
February 12, 2015
White House
The executive order cal s for establishing new “information
Collaboration
sharing and analysis organizations to serve as focal points for
cybersecurity information sharing and collaboration within the
private sector and between the private sector and government.”
It also aims to streamline the process companies use to sign
agreements with the federal government and grants DHS new
powers to approve sharing classified intelligence with the private
sector.
E.O. 13687, Imposing Additional Sanctions with Respect to
January 2, 2015
White House
The executive order states that North Korea engaged in
North Korea
“provocative, destabilizing, and repressive actions and policies,”
including “destructive, coercive cyber-related actions during
November and December 2014,” and authorizes sanctions
against North Korea. The sanctions prohibit the people and
organizations named from accessing the U.S. financial system and
forbid any banks or other financial institutions that do business
with the U.S. system from doing business with the sanctioned
entities.
CRS-40


Title Date
Source Notes
E.O. 13681, Improving the Security of Consumer Financial
October 17, 2014
White House
The executive order mandates that government credit and debit
Transactions
cards be enabled with chip and PIN technology and federal
facilities accept chip and PIN-enabled cards at retail terminals.
E.O. 13636, Improving Critical Infrastructure Cybersecurity
February 12, 2013
White House
E.O. 13636 addresses cybersecurity threats to critical
infrastructure (CI) by, among other things,

expanding to other CI sectors an existing DHS program for
information sharing and collaboration between the
government and the private sector;

establishing a broadly consultative process for identifying CI
with especially high priority for protection;

requiring the National Institute of Standards and
Technology to lead in developing a Cybersecurity
Framework of standards and best practices for protecting
CI; and

requiring regulatory agencies to determine the adequacy of
current requirements and their authority to establish
requirements to address the risks.
Presidential Policy Directive (PPD) 21 - Critical
February 12, 2013
White House
This directive establishes national policy on critical infrastructure
Infrastructure Security and Resilience
security and resilience. This endeavor is a shared responsibility
among the federal, state, local, tribal, and territorial (SLTT)
entities, and public and private owners and operators of critical
infrastructure (hereinafter referred to as “critical infrastructure
owners and operators”). This directive also refines and clarifies
the critical infrastructure-related functions, roles, and
responsibilities across the federal government, as well as
enhances overall coordination and collaboration. The federal
government also has a responsibility to strengthen the security
and resilience of its own critical infrastructure, for the continuity
of national essential functions, and to organize itself to partner
effectively with and add value to the security and resilience
efforts of critical infrastructure owners and operators.
E. O. 13618, Assignment of National Security and Emergency July 6, 2012
White House
This order addresses the federal government's need and
Preparedness Communications Functions
responsibility to communicate during national security and
emergency situations and crises by assigning federal national
security and emergency preparedness communications
CRS-41


Title Date
Source Notes
functions. EO 13618 is a continuation of older executive orders
issued by other presidents and is related to the
Communications Act of 1934 (47 U.S.C. §606). This executive
order, however, changes federal national security and
emergency preparedness communications functions by dissolving
the National Communications System, establishing an executive
committee to oversee federal national security and emergency
preparedness communications functions, establishing a programs
office within the DHS to assist the executive committee, and
assigning specific responsibilities to federal government entities.
E.O. 13587, Structural Reforms to Improve the Security of
October 7, 2011
White House
This order directs structural reforms to ensure responsible
Classified Networks and the Responsible
sharing and safeguarding of classified information on computer
networks that shall be consistent with appropriate protections
for privacy and civil liberties. Agencies bear the primary
responsibility for meeting these twin goals. These policies and
minimum standards will address all agencies that operate or
access classified computer networks, all users of classified
computer networks (including contractors and others who
operate or access classified computer networks control ed by
the federal government), and all classified information on those
networks.
E.O. 13407, Public Alert and Warning System
June 26, 2006
White House
The order assigns the Secretary of Homeland Security the
responsibility to establish or adopt, as appropriate, common
alerting and warning protocols, standards, terminology, and
operating procedures for the public alert and warning system to
enable interoperability and the secure delivery of coordinated
messages to the American people through as many
communication pathways as practicable, taking account of
Federal Communications Commission rules as provided by law.
HSPD-7, Homeland Security Presidential Directive No. 7:
December 17, 2003 White House
Assigns the Secretary of Homeland Security the responsibility of
Critical Infrastructure Identification, Prioritization, and
coordinating the nation’s overall efforts in critical infrastructure
Protection
protection across all sectors. HSPD-7 also designates the DHS
as lead agency for the nation’s information and
telecommunications sectors.
E.O. 13286, Amendment of Executive Orders, and Other
February 28, 2003
White House
Designates the Secretary of Homeland Security the Executive
Actions, in Connection With the Transfer of Certain
Agent of the National Communication System Committee of
CRS-42


Title Date
Source Notes
Functions to the Secretary of Homeland Security
Principals, which are the agencies, designated by the President,
that own or lease telecommunication assets identified as part of
the National Communication System, or which bear policy,
regulatory, or enforcement responsibilities of importance to
national security and emergency preparedness
telecommunications.
Presidential Decision Directive/NSC-63
May 22, 1998
White House
Sets as a national goal the ability to protect the nation’s critical
infrastructure from intentional attacks (both physical and cyber)
by the year 2003. According to the PDD, any interruptions in
the ability of these infrastructures to provide their goods and
services must be “brief, infrequent, manageable, geographically
isolated, and minimally detrimental to the welfare of the United
States."
NSD-42, National Security Directive 42 - National Policy for
July 5, 1990
White House
Establishes the National Security Telecommunications and
the Security of National Security Telecommunications and
Information Systems Security Committee, now called the
Information Systems
Committee on National Security Systems (CNSS). CNSS is an
interagency committee, chaired by the Department of Defense.
Among other assignments, NSD-42 directs the CNSS to provide
system security guidance for national security systems to
executive departments and agencies and submit annually to the
Executive Agent an evaluation of the security status of national
security systems. NSD-42 also directs the CNSS to interact, as
necessary, with the National Communications System
Committee of Principals.
Source: Descriptions compiled by CRS from government websites.






CRS-43

Cybersecurity: Legislation, Hearings, and Executive Branch Documents

Author Contact Information

Rita Tehan

Information Research Specialist
rtehan@crs.loc.gov, 7-6739

Key CRS Policy Staff
See CRS Report R42619, Cybersecurity: CRS Experts, by Eric A. Fischer for the names and contact
information for CRS experts on policy issues related to cybersecurity bills currently being debated in the
114th Congress.



Congressional Research Service
44