WASHINGTON, DC – On May 13, Rep. Carolyn B. Maloney, Chairwoman of the Committee on Oversight and Reform; Rep. Gerald E. Connolly, Chairman of the Subcommittee on Government Operations; and Rep. Stephen F. Lynch, Chairman of the Subcommittee on National Security, issued the following statement in response to President Biden’s Executive Order to improve the nation’s cybersecurity and protect federal government networks:
“With yesterday’s Executive Order, President Biden has taken a significant step toward bolstering our nation’s woefully inadequate cybersecurity. The threat to our country posed by malicious cyber actors is grave, and this order will begin the process of creating critical new procurement and cyber incident reporting requirements to ensure better cybersecurity practices from federal suppliers.
“Last year, we learned that numerous federal government agencies were victims of a serious and widespread cyberattack initiated through SolarWinds software. The Committee has been working to understand the full extent of the attack and the damage done to our nation in order to build back better. Unfortunately, we have recently learned of several additional serious attacks, including a ransomware attack on a major gas pipeline company that disrupted fuel service across the East Coast.
“We look forward to working together with the Biden-Harris Administration – including the nominee for the first National Cyber Director, Chris Inglis – and our colleagues on both sides of the aisle to strengthen our nation’s cyber defenses and seek permanent legislative solutions.”
On February 26, 2021, the Committee held a joint hearing with the Committee on Homeland Security to examine recent cybersecurity incidents affecting government and private sector networks, including the supply chain attack targeting SolarWinds Orion Software and other cyberattacks. At the hearing, Members and witnesses discussed the urgent need to improve cybersecurity in both the private and public sectors, including the need for increased information-sharing with the private sector, new reporting requirements on cyber threat indicators or instructions, and common-sense procurement rules to strengthen the government’s cyber posture in federal contracts.