Mobile Menu - OpenMobile Menu - Closed

H.R. 3359, Cybersecurity and Infrastructure Security Agency Act of 2017

Floor Situation

On ­­­­Monday, December 11, 2017, the House will consider H.R. 3359, the Cybersecurity and Infrastructure Security Agency Act of 2017, under suspension of the rules. The bill was introduced on July 24, 2017, by Rep. Michael McCaul (R-TX) and was referred to the House Committee on Homeland Security, in addition to the Committee on Energy and Commerce, the Committee on Oversight and Government Reform, and the Committee on Transportation and Infrastructure. The Committee on Homeland Security ordered the bill to be reported by voice vote on July 26, 2017.


H.R. 3359 redesignates the Department of Homeland Security’s National Protection and Programs Directorate as the Cybersecurity and Infrastructure Security Agency (CISA). The bill directs CISA to be headed by a Director of National Cybersecurity and Infrastructure Security to lead national efforts to protect and enhance the security and resiliency of U.S. cybersecurity, emergency communications, and critical infrastructure.

Within CISA, there shall be a cybersecurity division, an infrastructure security division, and an emergency communications division (previously the Office of Emergency Communications).

The Office of Biometric Identity Management within the existing National Protection and Programs Directorate is transferred to the Management Directorate of the Department, and the Federal Protective Service is authorized to be transferred to any component, directorate, or other office of the Department deemed appropriate by the Secretary. 


The National Protection and Programs Directorate (NPPD) leads the national efforts to protect and enhance the resilience of the nation’s physical and cyber infrastructure. It is currently made up of the the Office of Cybersecurity and Communications,  the Office of Infrastructure Protection, the Federal Protective Service, the Office of Biometric Identity Management, , and the Office of Cyber and Infrastructure Analysis, and.[1]

NPPD works with partners at all levels of government, and from the private and nonprofit sectors, to share information and build greater trust to make cyber and physical infrastructure more secure and resilient. NPPD issues actionable cybersecurity alerts to the private sector and general public, works with state and local officials to plan security for large public gatherings, works with owners and operators of critical infrastructure to asses and mitigate potential risks from terrorist attacks and natural disasters, protects more than 9,000 federal facilities, and processes biometric identity transactions.[2]


The Congressional Budget Office (CBO) estimates implementing H.R. 3359 would have a negligible effect on the federal budget.

Staff Contact

For questions about amendments or further information on the bill, contact Jake Vreeburg with the House Republican Policy Committee by email or at 2-1374.


[1] See NPPD at

[2] Id.

115th Congress