Yesterday the House passed HR
3101, the Strengthening Cybersecurity Information Sharing and Coordination
in Our Ports Act of 2017, by a voice
vote.
As I noted in an earlier
post the version of the bill approved yesterday is not the same version
that was reported by the House Homeland Security Committee. The amended text is
available in the Congressional
Record. The change is inconsequential; a reformatting of the list of
organizations to be included in the information sharing recommendations in §2(5).
This bill had wide bipartisan support in the House and will
likely have the same in the Senate if it reaches the floor for consideration,
not a necessarily guaranteed action. I do suspect that the bill will eventually
be considered under the Senate’s unanimous consent provisions with no debate,
no vote, and few Senators on the floor of the Senate. Nothing untoward in this,
it is just the way that the Senate expeditiously handles non-controversial
legislation. A single objection from the floor would prevent the action going
forward, so the leadership is careful about how the process is used.
As I have noted in previous discussions, this bill continues
to use the IT-limited cybersecurity definitions of 6
USC 148. This means that the provisions of this bill do not specifically
include control system cybersecurity in the vulnerability assessment and security
plan provisions the added cybersecurity requirements for 46 USC §70102
and §70103.
This is a serious deficiency in the bill, and it will not be corrected as no
further amendment processes are likely to be included in the future
consideration of the bill.
Posts
No comments:
Post a Comment