Wednesday, April 18, 2018

S 1281 Passes in Senate – Hack DHS Act

Yesterday the Senate amended and then passed S 1281, the Hack the Department of Homeland Security (Hack DHS) Act of 2017, by a voice vote. The Senate took up the substitute language adopted by the Senate Homeland Security and Governmental Affairs Committee with a small change being made by a floor amendment.

The amendment changed the language in §2(c) of the bill. It changed the reporting requirements for the report to Congress on the pilot program outlined in the bill, changing the reporting time frame from 90-days to 180-days. The amendment was adopted by unanimous consent. The amendment was offered by Sen. McConnell (R,KY) for Sen. Hassan (D,NH), the author of the bill.

The bill, as amended, would require DHS to establish “a bug bounty pilot program to minimize vulnerabilities of Internet-facing information technology of the Department” {§2(b)(1)}. The bill uses an IT-limited definition of ‘information system’, so building control, access control, and security monitoring functions would not technically be covered by the pilot program.

The bill was brought to the floor under the Senate’s ‘unanimous consent’ process. A single senator could have prevented the bill from being considered. This means that the bill had a significant measure of bipartisan support and no opposition. If the bill is taken up in the House (and I suspect that it will), it is almost certain to be considered under the House ‘suspension of the rules’ process with limited debate and no amendments from the floor.

No comments:

/* Use this with templates/template-twocol.html */