Earlier this week the House Homeland Security Committee amended and approved HR 5459, the Cyber Preparedness Act of 2015. The amendment made a number of relatively minor changes to the requirements for sharing cybersecurity information with fusion centers. The most important change was to add a definition of ‘cybersecurity risk’, adopting the language of 6 USC 148(a)(1). As I noted earlier, this definition does not include control systems.
Unfortunately, the way that that definition was added to the bill does not extend that definition to the expansion of authorized expenditures for grants under the Urban Area Security Initiative and State Homeland Security Grant Program. This may be less important than the addition of the definition earlier in the bill because DHS has a certain amount of leeway in how they disperse grants under these programs.
This bill is currently scheduled for consideration under suspension of the rules this Wednesday. It will likely pass with substantial bipartisan support. The big question facing this bill is whether or not it will be taken up by the Senate. This late in the session, it is likely that the only way this bill would come to the floor would be through the unanimous consent process. That would mean that there would be no further chances to amend this bill before it is sent to the President.