The House on Tuesday approved five bipartisan measures designed to enhance various aspects of the nation’s cybersecurity following recent major cyberattacks.
The cyber-related package passed in a 319-105 vote. It included measures to fund cybersecurity at the state and local level, bolster reporting requirements and test critical infrastructure.
One bill, the State and Local Cybersecurity Act, would establish a grant program to provide $500 million annually to state and local governments over the next five years for cybersecurity needs. Rep. Yvette ClarkeYvette Diane ClarkeHaiti Caucus: Forging path out of crisis will not be quick, but necessary to avoid false ‘democracy’ US lawmakers express shock at Haitian president’s assassination The Hill’s Morning Report – Bidens to visit Surfside, Fla., collapse site MORE (D-N.Y.), chair of the House Homeland Security Committee’s cyber panel, is the lead sponsor of that bill.
Also included in the package was the Cybersecurity Vulnerability Remediation Act, which would improve the reporting of cybersecurity vulnerabilities. The bill, primarily sponsored by Rep. Sheila Jackson-Lee (D-Texas), was previously passed by the House in 2019, but failed to get a vote in the Senate.
A third bipartisan bill, sponsored by Rep. Elissa SlotkinElissa SlotkinDemocrat unveils bill to allow only House members to serve as Speaker House GOP campaign arm hits vulnerable Democrats on inflation in July 4 ad campaign DHS official told lawmakers there’s concern about Trump August reinstatement conspiracy theory MORE (D-Mich.), would require the Cybersecurity and Infrastructure Security Agency (CISA), an agency within the Department of Homeland Security (DHS), to establish a program to test critical infrastructure readiness against cyberattacks.
Another bill previously approved by the House in the last Congress was also passed Tuesday. The bipartisan Cyber Sense Act, spearheaded by Reps. Bob Latta (R-Ohio) and Jerry McNerneyGerlad (Jerry) Mark McNerneyIn defense of misinformation House Democrats want to silence opposing views, not ‘fake news’ Hillicon Valley: Biden signs order on chips | Hearing on media misinformation | Facebook’s deal with Australia | CIA nominee on SolarWinds MORE (D-Calif.), would require the secretary of Energy to establish a program to test the cybersecurity of products intended to be used in the bulk power system.
House Homeland Security Committee Chairman John KatkoJohn Michael KatkoBiden opens new cyber fight with China Moderate Democrats call for 9/11-style panel to probe COVID-19 origins Senate unanimously approves Jen Easterly to lead DHS cyber agency MORE (R-N.Y.), sponsor of the final bill passed Tuesday — the DHS Industrial Control Systems Capabilities Enhancement Act — applauded the chamber’s efforts to prioritize cybersecurity. This bill would enhance partnership between CISA and cyber stakeholders to strengthen critical systems.
“As I’ve said from day one, we must continue bolstering CISA’s authorities to defend our federal networks and the nation’s critical infrastructure from cyber threats,” Katko said in a statement. “Already this year, the nation has confronted numerous major attempts to compromise federal and private sector networks.”
All of the bills were approved on the heels of mounting cyberattacks by foreign adversaries and cyber criminals against critical U.S. organizations, including the ransomware attacks by Russian-linked cyber criminal groups on Colonial Pipeline and meat producer JBS USA.
The passage of the five measures on Tuesday came the day after the House unanimously passed two other pieces of legislation intended to secure the energy sector against cyberattacks, both previously approved by the House Energy and Commerce Committee.
The Energy Emergency Leadership Act, primarily sponsored by Rep. Bobby RushBobby Lee RushDemocrats seek to counter GOP attacks on gas prices Doug Emhoff carves out path as first second gentleman Granholm expresses openness to pipeline cyber standards after Colonial attack MORE (D-Ill.), would enhance the leadership at DHS to address cyber threats, while the Enhancing Grid Security Through Public-Private Partnerships Act, also sponsored by McNerney and Latta, would create a program to enhance cyber and physical electric grid security.
Both pieces of legislation were previously approved by the House last year. The Senate Energy and Natural Resources Committee included the Cyber Sense Act and the Enhancing Grid Security bill in its massive energy package, approved last week, that is expected to be part of a bipartisan infrastructure framework.
“The Colonial Pipeline ransomware attack was painful proof that bad actors are increasingly focused on exploiting and attacking our nation’s most critical infrastructure,” House Energy and Commerce Committee Chairman Frank Pallone (D-N.J.) and Rush said in a joint statement Tuesday following the passage of the energy sector bills.
“It’s absolutely crucial that we keep pace with the tools and resources necessary to both stop and mitigate fallout from these cyberattacks, and thankfully, today the House voted to do just that,” they added.
The legislation advanced Tuesday also drew praise from outsider observers, with former CISA Director Christopher Krebs tweeting his support for the CISA-linked legislation.
“Great to see these bi-partisan @CISAgov-enabling bills clear the House today, including boosting state/local cyber grants, expanding cyber exercises, and codifying the Agency as the front door for industrial control systems cybersecurity work,” Krebs tweeted. “On to the Senate!”