March 21, 2018
Press Release

WASHINGTON – Today, Congressmen Ted W. Lieu (D-Los Angeles County) and Ted Yoho (R-FL) announce the introduction of the bipartisan Hack Your State Department Act. The bill will strengthen cyber defenses for the State Department by tapping ethical hackers to identify vulnerabilities in State Department’s networks and data systems. Like the “Hack the Department of Homeland Security Act”, which Rep. Lieu introduced in 2017, this program will rely on a bug bounty system where authorized hackers can enter a State Department system, identify and disclose weaknesses and receive compensation. Additionally, it will establish a Vulnerability Disclosure Program to field vulnerabilities reported by the general public. The Trump Administration's 2017 Report to the President on Federal IT Modernization recommended that agencies establish vulnerability disclosure policies and set up private bug bounty programs.

Upon introduction of the bill, Mr. Lieu said:

“As one of only four Computer Science majors in Congress, I recognize we have a lot of work to do to ensure the U.S. Government is on the cutting edge of combating cyber threats. We’re a global leader on so many fronts and that should include cybersecurity. I’m proud of this bill because the vulnerability disclosure and bug bounty programs are innovative ways to solve what is one of our government’s most pressing concerns: data security. By capitalizing on the skills of some of the best minds in cybersecurity, as well as the general public, we’ll be able to make sure the State Department is able to safely and securely continue its mission as America’s voice abroad.”

Upon introduction of the bill, Mr. Yoho said:

“You are only as strong as your weakest link. Vulnerability to cyber-attacks has been and continues to be a serious threat to our national security. It is vital that we do all we can to find the weak links in our government systems and fix them as fast as possible. Hack the State Department enables us to effectively identify our vulnerabilities and use the brightest cybersecurity minds to strengthen our defenses.  Cyber threats are constantly evolving, and our cyber defenses must evolve with them.”

Support for the Hack Your State Department Bill

Katherine Charlet, Director of Carnegie's Technology and International Affairs Program and former Acting Deputy Assistant Secretary of Defense for Cyber Policy - "Executive agency networks are major targets for malicious actors in cyberspace. By using crowdsourcing policies, these agencies can identify and fix critical vulnerabilities. With this bill, Representatives Lieu and Yoho are promoting a cost effective and valuable way to raise the bar for cybersecurity. "

Ari Schwartz, Coordinator of Coalition for Cybersecurity Policy and Law and Former Special Assistant to the President for Cybersecurity at the National Security Council -"A properly resourced vulnerability disclosure program can be a valuable component to any organization's cybersecurity plan. We hope this bill from Reps. Lieu and Yoho will encourage more agencies governmentwide to leverage external expertise to enhance security.”