Yesterday the Senate amended and then passed S
1281, the Hack the Department of Homeland Security (Hack DHS) Act of 2017,
by a voice vote. The Senate took up the substitute language adopted
by the Senate Homeland Security and Governmental Affairs Committee with a small
change being made by a floor amendment.
The amendment changed the language in §2(c) of the bill. It
changed the reporting requirements for the report to Congress on the pilot program
outlined in the bill, changing the reporting time frame from 90-days to
180-days. The amendment was adopted by unanimous consent. The amendment was offered
by Sen. McConnell (R,KY) for Sen. Hassan (D,NH), the author of the bill.
The bill, as amended, would require DHS to establish “a bug
bounty pilot program to minimize vulnerabilities of Internet-facing information
technology of the Department” {§2(b)(1)}.
The bill uses an IT-limited definition of ‘information system’, so building
control, access control, and security monitoring functions would not
technically be covered by the pilot program.
The bill was brought to the floor under the Senate’s ‘unanimous
consent’ process. A single senator could have prevented the bill from being
considered. This means that the bill had a significant measure of bipartisan
support and no opposition. If the bill is taken up in the House (and I suspect
that it will), it is almost certain to be considered under the House ‘suspension
of the rules’ process with limited debate and no amendments from the floor.
Posts
No comments:
Post a Comment