The U.S. President Donald Trump signed a bill into law on Nov. 16, approving the creation of the Cybersecurity and Infrastructure Security Agency (CISA) within the Department of Homeland Security (DHS). The bill, called the CISA Act, restructures and rebrands the National Protection and Programs Directorate (NPPD), a program inside the DHS, as CISA, a standalone federal agency in charge of administering civilian and federal Cybersecurity programs.
Formed in 2007, the NPPD has already been managing almost all of the DHS’ cyber-related issues and projects. As a wing of the DHS, the NPPD was the government entity in charge of physical and cyber-security of federal networks and critical infrastructure, and supervised the Federal Protective Service (FPS), the Office of Cyber and Infrastructure Analysis (OCIA), the Office of Biometric Identity Management (OBIM), the Office of Cybersecurity & Communications (OC&C), and the Office of Infrastructure Protection (OIP). As CISA, the agency’s prerogatives will remain the same, and nothing is expected to change in day-to-day operations, but as a federal agency, CISA will now benefit from an increased budget and more authority in imposing its directives.
NPPD Undersecretary Christopher Krebs said that hoisting the Cybersecurity mission within the DHS, streamlining the agency’s operations, and providing NPPD a name that imitates what it actually does will help better secure the nation’s critical infrastructure and cyber platforms. Krebs also noted that the changes will also augment the Department’s ability to engage with industry and government stakeholders and recruit top Cybersecurity expertise. The NPPD’s current head, Christopher Krebs will become the first director of the CISA. The CISA Act was originally proposed last year, which was passed in the Senate in October, and passed the House last week.