Wednesday, October 25, 2017

HR 3101 Passed in House – Port Cybersecurity

Yesterday the House passed HR 3101, the Strengthening Cybersecurity Information Sharing and Coordination in Our Ports Act of 2017, by a voice vote.

As I noted in an earlier post the version of the bill approved yesterday is not the same version that was reported by the House Homeland Security Committee. The amended text is available in the Congressional Record. The change is inconsequential; a reformatting of the list of organizations to be included in the information sharing recommendations in §2(5).

This bill had wide bipartisan support in the House and will likely have the same in the Senate if it reaches the floor for consideration, not a necessarily guaranteed action. I do suspect that the bill will eventually be considered under the Senate’s unanimous consent provisions with no debate, no vote, and few Senators on the floor of the Senate. Nothing untoward in this, it is just the way that the Senate expeditiously handles non-controversial legislation. A single objection from the floor would prevent the action going forward, so the leadership is careful about how the process is used.

As I have noted in previous discussions, this bill continues to use the IT-limited cybersecurity definitions of 6 USC 148. This means that the provisions of this bill do not specifically include control system cybersecurity in the vulnerability assessment and security plan provisions the added cybersecurity requirements for 46 USC §70102 and §70103. This is a serious deficiency in the bill, and it will not be corrected as no further amendment processes are likely to be included in the future consideration of the bill.

No comments:

/* Use this with templates/template-twocol.html */