Citizen Portal
Sign In

House Homeland Security subcommittee hears bipartisan case for scaling offensive cyber tools, with caveats on staffing and oversight

Committee on Homeland Security, Subcommittee on Cybersecurity and Infrastructure Protection · January 13, 2026

Loading...

AI-Generated Content: All content on this page was generated by AI to highlight key points from the meeting. For complete details and context, we recommend watching the full video. so we can fix them.

Summary

Witnesses told the House Homeland Security Subcommittee that U.S. cyber deterrence requires scalable, disciplined offensive capabilities and closer operational ties with the private sector; members warned about CISA staffing shortfalls, legal authorities, escalation risk, and the need for oversight.

Chairman Ogles opened a subcommittee hearing saying the United States needs credible, lawful offensive cyber capabilities to deter persistent state‑sponsored campaigns against critical infrastructure.

Experts on the panel agreed the country faces continuous, industrial‑scale cyber operations by state‑linked groups and that current defense and attribution measures alone have not changed adversary behavior. Joe Lin, cofounder and CEO of 20 Technologies, said the U.S. “is not postured to deter or defeat its adversaries in cyberspace” and urged the government to “industrialize offensive cyber capabilities” by turning elite operator tradecraft into scalable, testable software that can operate at machine speed.

The witnesses framed three near‑term policy priorities: (1) align authorities, acquisition, and operational concepts for sustained campaigns rather than single bespoke operations; (2) strengthen public‑private operational collaboration so private firms with wide sensor networks can support timely disruption; and (3) invest in the workforce and technology needed to operate at speed, including responsible use of AI. Emily Harding, vice president at the Center for Strategic and International Studies, recommended a five‑point playbook and told lawmakers “cyberattacks are attacks” when they imperil life or critical infrastructure.

Members pressed on legal authorities and escalation risk. Ranking Member Thompson and several other members cautioned that offensive options should not be pursued without sufficient defensive capacity: Thompson highlighted that CISA had lost roughly one‑third of its workforce in the past year and said the government must be able to defend networks before broadening offensive activities. Witnesses responded that a combination of Title 10, Title 50, Title 18, and agency authorities can be used together but that clearer, modernized legal frameworks and governance are needed to enable timely, deconflicted operations while protecting civil liberties.

The hearing also stressed the limits of current practice: witnesses said the U.S. often relies on small, bespoke teams that cannot match adversaries operating at machine scale and argued Congress should fund capabilities that multiply human operators rather than only adding bodies. Lin pointed to recent congressional appropriations, saying Congress had committed funds for offensive cyber and AI work but urged that money be spent on software and systems that enable operators to work at “100x” current scale.

The panel did not produce legislative outcomes at the hearing; members asked witnesses to submit written answers to follow‑up questions and the record was held open. The subcommittee said it will continue oversight work on authorities, staffing, and governance for any expanded offensive posture.