⚡️ News Flash ⚡️

“Data Centers, Telecommunications Networks, and Space-Based Systems: Modernizing DHS’s SRMA Role for the Communications and IT Sectors”

House Committee on Homeland Security, Subcommittee on Cybersecurity and Infrastructure Protection
April 29, 2026 (recording linked here)

HEARING INFORMATION

Witnesses and Written Testimony:

• Robert Mayer, Senior Vice President, Cybersecurity & Innovation, USTelecom — The Broadband Association

• Sam Visner, Chair, Board of Directors, Space Information Sharing and Analysis Center

• RADM Mark Montgomery, USN (Ret.), Senior Director and Senior Fellow, Center on Cyber and Technology Innovation, Foundation for Defense of Democracies

• Scott Algeier, Executive Director, Information Technology-Information Sharing and Analysis Center

HEARING HIGHLIGHTS

QUICK SUMMARY

• Rising Cyber Threats: Lawmakers and witnesses warned that cyber threats from adversaries like China are intensifying and targeting critical infrastructure. Several noted that attacks are becoming more sophisticated and persistent. Concerns were raised that U.S. defenses are not keeping pace.

• CISA Under Strain: Members questioned whether CISA can fulfill its role amid staffing cuts and reduced resources. Witnesses said losses in personnel and partnerships have weakened coordination with industry. Restoring capacity and leadership was seen as essential.

• New Critical Infrastructure Challenges: The hearing highlighted growing risks tied to data centers, space systems, and subsea cables. Witnesses argued these sectors are increasingly vital but not fully accounted for in current frameworks. Some supported designating them as distinct critical infrastructure sectors.

• Supply Chain Vulnerabilities: Participants emphasized risks from global supply chains and foreign components in critical systems. Witnesses said vulnerabilities exist regardless of origin and require better detection and coordination. Strengthening policy and intelligence sharing was identified as key.

IN THEIR WORDS

SUMMARY OF OPENING STATEMENTS

• Full Committee Ranking Member Thompson argued that recent cyber incidents, including the Salt Typhoon breach, exposed serious vulnerabilities in U.S. telecommunications infrastructure. He warned that Chinese state-backed hackers had accessed sensitive communications and data for extended periods without detection. He contended that federal cybersecurity capacity had been weakened by staffing cuts, dismantled review mechanisms, and reduced public-private collaboration. He criticized the failure to reauthorize key legislation that supports information sharing and liability protections. He expressed concern that emerging threats such as artificial intelligence and geopolitical conflicts were outpacing current defenses. He urged Congress and DHS to rebuild capacity, restore partnerships, and strengthen protections for critical infrastructure.

• Subcommittee Chair Ogles stated that the purpose of the hearing was to evaluate the Department of Homeland Security’s role as the Sector Risk Management Agency for the communications and information technology sectors. He explained that the hearing would examine whether DHS authorities and resources were sufficient to address evolving cyber threats. He highlighted the importance of protecting infrastructure such as data centers, telecommunications networks, subsea cables, and space-based systems. He suggested that these systems may not be fully accounted for within the current critical infrastructure framework. He emphasized the need to assess whether DHS is keeping pace with the rapidly changing threat environment. He deferred his full opening statement until after the vote series.

• Subcommittee Ranking Member Ramirez stated that this was her first hearing after being appointed ranking member of the subcommittee and outlined her perspective on cybersecurity under the current administration. She argued that the security of federal networks, critical infrastructure, and personal data had not been adequately prioritized. She contended that workforce reductions, diminished resources, and weakened oversight had undermined CISA’s effectiveness and eroded institutional knowledge and partnerships. She criticized what she described as deregulation of emerging technologies and failures to protect civil rights and privacy. She emphasized that Congress must assert its authority to restore oversight, rebuild capacity, and strengthen cybersecurity protections. She concluded that she was committed to resourcing CISA and working to protect national security and individual privacy.

SUMMARY OF WITNESS STATEMENTS

• Mr. Mayer emphasized the longstanding partnership between the communications sector and the federal government in securing critical infrastructure. He stated that this collaboration had become more important as cyber threats grew more sophisticated and persistent. He highlighted successful coordination mechanisms such as the Joint Cyber Defense Collaborative and other public-private initiatives. He argued that stronger, more structured engagement between government and industry was needed, including support for new programs and frameworks. He stressed the importance of modernizing authorities and improving coordination across agencies, particularly regarding supply chain risks. He concluded that clearer alignment and continued investment would strengthen national cybersecurity and resilience.

• Mr. Visner explained that space systems had become essential to national and economic security, supporting transportation, communications, agriculture, finance, and defense. He described the rapid growth of space infrastructure, including a dramatic increase in the number of active satellites. He outlined the role of the Space ISAC in sharing threat intelligence across industry and government partners globally. He emphasized that threats to space systems include cyber attacks, jamming, spoofing, and supply chain vulnerabilities. He argued that the security of space infrastructure must be treated as a global priority requiring international coordination. He warned that future developments such as lunar operations and space-based data systems would introduce new security challenges that must be addressed proactively.

• Rear Admiral Montgomery stated that the United States was under active cyber attack from adversaries, particularly China, which was pre-positioning capabilities within critical infrastructure. He argued that national cyber resilience depended on three elements: a capable federal government, a well-resourced private sector, and strong public-private collaboration. He warned that recent reductions in funding and collaboration mechanisms had weakened these pillars. He emphasized that communications networks, data centers, and space systems were increasingly vital and vulnerable components of national security. He highlighted the growing risks associated with AI, energy demands, and supply chain dependencies. He recommended strengthening CISA, improving coordination, and designating space systems as critical infrastructure to better protect national interests.

• Mr. Algeier stressed that nation-state cyber threats against critical infrastructure were increasing in severity and frequency. He explained that the IT-ISAC facilitates voluntary information sharing to help companies manage cyber risks collectively. He argued that recent reductions in CISA capabilities and engagement had weakened industry’s ability to respond effectively. He called for restoring formal collaboration frameworks, extending legal protections for information sharing, and improving leadership stability within CISA. He emphasized the need for better prioritization of resources and stronger analytical engagement between government and industry. He concluded that rebuilding trust, enhancing situational awareness, and modernizing processes were essential to strengthening national cybersecurity defenses.

SUMMARY OF KEY Q&A

• Rep. Fong asked how CISA could improve intelligence sharing with the private sector, particularly for communications and IT sectors. Mr. Mayer responded that intelligence sharing had improved significantly in quality and frequency but needed better dissemination to smaller regional providers and continued expansion of unclassified advisories.

  Rep. Fong asked about necessary safeguards for hyperscale data centers and the risks of leaving them vulnerable. Rear Admiral Montgomery stated that both physical and cybersecurity protections were essential, warned of supply chain risks and adversarial attacks, and suggested data centers should be considered a distinct critical infrastructure sector.

  Rep. Fong asked whether the United States should designate data centers as critical infrastructure similar to the United Kingdom. Rear Admiral Montgomery supported designation, arguing data centers, space systems, and telecommunications should be treated as separate sectors. Mr. Mayer agreed that growing data center importance justified increased scrutiny and coordination, potentially through a distinct framework. Mr. Visner emphasized that data centers were foundational to economic and national security and should be formally recognized and protected as critical infrastructure. Mr. Algeier noted that data centers were already integrated into existing IT sector coordination through ISAC structures and information sharing efforts.

• Ranking Member Ramirez stated that cybersecurity had been deprioritized under the current administration and asked about the impact of workforce reductions at CISA. Rear Admiral Montgomery responded that personnel cuts weakened collaboration, reduced engagement capacity, and disproportionately harmed underserved communities reliant on federal cybersecurity support.

• Rep. Fong asked how the United States could reduce reliance on Chinese supply chains for critical components. Rear Admiral Montgomery stated that eliminating Chinese components from critical systems required phased policy action and highlighted risks in technologies like cellular modems. Mr. Visner added that supply chain risks were global and emphasized the need for improved vulnerability detection across all systems, not just those tied to China. Mr. Mayer emphasized the need for coordinated government policy and better intelligence sharing with industry to manage supply chain risks effectively.

• Ranking Member Ramirez asked how broader cuts to CISA affected its ability to support other sector risk management agencies. Rear Admiral Montgomery stated that reduced staffing, eliminated programs, and lack of funding severely limited coordination with key sectors like healthcare, water, and agriculture, weakening national resilience.

• Rep. Magaziner asked whether CISA staffing cuts made the country safer. Rear Admiral Montgomery stated that workforce reductions significantly weakened cybersecurity capacity and undermined national defense efforts.

• Rep. Fong asked what changes were needed to improve space infrastructure security. Mr. Visner stated that the United States must formally recognize space systems as critical infrastructure, improve coordination, and conduct a comprehensive vulnerability assessment. Rear Admiral Montgomery added that Congress should designate space as a critical infrastructure sector and assign a lead agency such as NASA.

  Rep. Fong asked about the threat to subsea cables and the consequences of an attack. Rear Admiral Montgomery stated that subsea cables were highly vulnerable and that attacks could disrupt the vast majority of global data flow, posing severe national security and economic risks.

• Rep. McIver asked how to ensure cybersecurity and physical security for expanding AI data centers. Rear Admiral Montgomery stated that establishing a dedicated critical infrastructure designation with coordinated federal oversight would improve standards, transparency, and security.

  Rep. McIver asked what baseline standards should be in place before constructing data centers. Rear Admiral Montgomery stated that facilities should meet physical security requirements such as standoff distances and drone protections, as well as robust cybersecurity and supply chain standards guided by federal frameworks like NIST.

ADD TO THE NIMITZ NETWORK

Know someone else who would enjoy our updates? Feel free to forward them this email and have them subscribe here.