H.R. 239 requires the Under Secretary for Science and Technology (S&T;) to support cybersecurity research, development, testing, evaluation and transition and to coordinate those activities with other Federal agencies, industry, and academia. In service to the components of the Department of Homeland Security (DHS), the Under Secretary is required to: 1) advance the development and deployment of secure information systems; 2) improve and create technologies to detect attacks or intrusions; 3) improve and create mitigation and recovery methodologies; 4)support the review of source code that underpins critical infrastructure information systems in coordination with the private sector; 5) develop and support tools to support cybersecurity research and development efforts; 6) assist the development of technologies to reduce vulnerabilities in industrial control systems; and 7) develop and support forensics and attack attribution capabilities.
In addition, the bill requires the Under Secretary to support the full life cycle of cyber research and development projects and identify mature technologies to address the needs of existing or imminent cybersecurity gaps. The Under Secretary must target federally funded cybersecurity research that demonstrates a high probability of successful transition to the commercial market within two years.
Finally, H.R. 239 extends the timeframe for the use of Other Transaction Authority (OTA) until the year 2021. Prior to the use of OTA, the Secretary of DHS must approve a submitted proposal outlining the rationale, funds to be spent, and expected outcomes of the project. The Secretary of DHS is required to submit an annual report to Congress detailing those projects for which OTA was authorized.
The summary below was written by the Congressional Research Service, which is a nonpartisan division of the Library of Congress, and was published on Jan 10, 2017.
Support for Rapid Innovation Act of 2017
(Sec. 2) This bill amends the Homeland Security Act of 2002 to direct the Under Secretary for Science and Technology of the Department of Homeland Security (DHS) to support the research, development, testing, evaluation, and transition of cybersecurity technologies.
Such research and development shall:
advance the development and accelerate the deployment of more secure information systems, improve and create technologies for detecting attacks or intrusions, improve and create mitigation and recovery methodologies and development of resilient networks and information systems, support the review of source code that underpins critical infrastructure information systems, develop and support infrastructure and tools to support cybersecurity research and development efforts, assist the development and support of technologies to reduce vulnerabilities in industrial control systems, and develop and support cyber forensics and attack attribution capabilities. The Under Secretary shall:
support projects carried out under this bill through their full life cycle; identify mature technologies that address existing or imminent cybersecurity gaps in public or private information systems and networks, identify and support necessary improvements, and introduce new cybersecurity technologies throughout the homeland security enterprise through partnerships and commercialization; and target federally funded cybersecurity research that demonstrates a high probability of successful transition to the commercial market within two years and that is expected to have a notable impact on information systems and networks. The bill: (1) extends the authority of the Secretary of DHS to carry out a research and development projects pilot program until September 30, 2021; (2) requires a DHS component to obtain the Secretary's approval before utilizing authority for such a project by providing a proposal that includes the rationale, funds to be spent, and expected outcome for the project; and (3) requires the Secretary's annual report on such program to include the extent of cost-sharing for projects among federal and non-federal sources and the extent to which utilization of project authority has addressed a homeland security capability gap or threat to the homeland.