skip to main content

H.R. 3359 (115th): Cybersecurity and Infrastructure Security Agency Act of 2018


H.R. 3359 redesignates the Department of Homeland Security’s National Protection and Programs Directorate as the Cybersecurity and Infrastructure Security Agency (CISA). The bill directs CISA to be headed by a Director of National Cybersecurity and Infrastructure Security to lead national efforts to protect and enhance the security and resiliency of U.S. cybersecurity, emergency communications, and critical infrastructure.

Within CISA, there shall be a cybersecurity division, an infrastructure security division, and an emergency communications division (previously the Office of Emergency Communications).

The Office of Biometric Identity Management within the existing National Protection and Programs Directorate is transferred to the Management Directorate of the Department, and the Federal Protective Service is authorized to be transferred to any component, directorate, or other office of the Department deemed appropriate by the Secretary.

Last updated Dec 10, 2017. Source: Republican Policy Committee

The summary below was written by the Congressional Research Service, which is a nonpartisan division of the Library of Congress, and was published on Nov 17, 2018.


Cybersecurity and Infrastructure Security Agency Act of 2018

(Sec. 2) This bill amends the Homeland Security Act of 2002 to redesignate the Department of Homeland Security's (DHS's) National Protection and Programs Directorate as the Cybersecurity and Infrastructure Security Agency. It transfers resources and responsibilities of the directorate to the agency.

The agency shall be headed by the Director of National Cybersecurity and Infrastructure Security. Its responsibilities shall include: leading cybersecurity and critical infrastructure security programs, operations, and associated policy; and carrying out DHS's responsibilities concerning chemical facility antiterrorism standards.

The bill details the organizational structure of the agency.

(Sec. 3) The bill transfers within DHS the Office of Biometric Identity Management to the Management Directorate.

It also requires DHS to transfer the Federal Protective Service to an appropriate DHS component, directorate, or office following the completion of an ongoing Government Accountability Office review.

(Sec. 4) DHS shall report on its leadership role in cloud-based cybersecurity deployments for civilian federal departments and agencies.