A Florida Republican congressman wants “ethical hackers” to test the U.S. State Department’s cyber defenses.
On Wednesday, U.S. Rep. Ted Yoho, R-Fla., the chairman of the U.S. House Asia and Pacific Subcommittee and a member of the U.S. House Foreign Affairs Committee, paired up with U.S. Rep. Ted Lieu, D-Calif., to unveil the “Hack Your State Department Act.” Yoho’s proposal would have “ethical hackers” attempt to hack the State Department’s cyber defenses and identify any vulnerabilities and compensate them for their efforts. Last year, the Trump administration proposed setting up bug bounty programs in the “Report to the President on Federal IT Modernization.”
Yoho made the case for his proposal on Wednesday.
“You are only as strong as your weakest link,” Yoho said. “Vulnerability to cyber-attacks has been and continues to be a serious threat to our national security. It is vital that we do all we can to find the weak links in our government systems and fix them as fast as possible. Hack the State Department enables us to effectively identify our vulnerabilities and use the brightest cybersecurity minds to strengthen our defenses. Cyber threats are constantly evolving, and our cyber defenses must evolve with them.”
“As one of only four computer science majors in Congress, I recognize we have a lot of work to do to ensure the U.S. government is on the cutting edge of combating cyber threats,” Lieu said. “We’re a global leader on so many fronts and that should include cybersecurity. I’m proud of this bill because the vulnerability disclosure and bug bounty programs are innovative ways to solve what is one of our government’s most pressing concerns: data security. By capitalizing on the skills of some of the best minds in cybersecurity, as well as the general public, we’ll be able to make sure the State Department is able to safely and securely continue its mission as America’s voice abroad.”
The bill has won the support of leading experts in the field including Katherine Charlet, the director of Carnegie's Technology and International Affairs Program who worked on cyber issues in the U.S.. Defense Department.
"Executive agency networks are major targets for malicious actors in cyberspace,” Charlet said. “By using crowdsourcing policies, these agencies can identify and fix critical vulnerabilities. With this bill, Representatives Lieu and Yoho are promoting a cost effective and valuable way to raise the bar for cybersecurity. "
Ari Schwartz from the Coalition for Cybersecurity Policy and Law who worked on cybersecurity issues at the National Security Council also applauded the proposal.
"A properly resourced vulnerability disclosure program can be a valuable component to any organization's cybersecurity plan,” Schwartz said. “We hope this bill from Reps. Lieu and Yoho will encourage more agencies government wide to leverage external expertise to enhance security.”\
READ MORE FROM SUNSHINE STATE NEWS
Francis Rooney Backs Ted Yoho's International Development Finance Reform
Ted Yoho Upbeat About Vietnam Relations After USS Carl Vinson Ports in Da Nang
