The House Homeland Security web site now has complete listings for the seven bills that it will be marking up this afternoon. Four of the bills are cybersecurity bills and a fifth deals with critical infrastructure. I have not yet had a chance to publish detailed reviews of each of these bills, so I am going to do a quick review of those that I have not reviewed.
The five bills of interest are:
• HR
2980, the “Cybersecurity Vulnerability Remediation Act”
• HR 3138, the “State and Local
Cybersecurity Improvement Act”
• HR 3223, the “CISA Cyber Exercise
Act”
• HR 3243, the “Pipeline Security
Act”
• HR 3264, the “Domains Critical to Homeland Security Act”
HR 3138
This bill is similar to HR 5823 from last session. It would establish a grant program, the State and Local Cybersecurity Grant Program, with $500 million being authorized each year for the program through 2026. Each grant applicant would have to submit a cybersecurity plan to DHS for approval. Each applicant would also have to establish a cybersecurity planning committee. Multi-state grants would be authorized.
CISA would be required to establish a State and Local Cybersecurity Resiliency Committee. CISA would also be required to prepare and maintain a resource guide to help officials identify, prepare for, detect, protect against, respond to, and recover from cybersecurity risks, cybersecurity threats, and incidents.
Definition of ‘information system’ in this bill uses the ICS inclusive definition from 6 USC 1501.
HR 3223
This bill would amend the Homeland Security Act or 2002 by adding a new section 2220A, National Cyber Exercise Program. It would require CISA to establish a National Cyber Exercise Program to evaluate the National Cyber Incident Response Plan. No additional funding authorization is provided. CISA is already conducting similar cybersecurity exercises.
HR 3243
This bill (Committee Print) would amend 49 USC 114, Transportation Security Administration, mandating that TSA continue being responsible for securing pipeline transportation and pipeline facilities against cybersecurity threats {new §114(f)(16)}.
It would also add a new section 1631, Pipeline Security Section, to a new Subtitle D, Pipeline Security, to the Homeland Security Act of 2002. It would require TSA to establish a pipeline security section to implement the responsibilities of §114(F)(16) {§1631(a)}. The new section would include personnel with cybersecurity expertise {§1631(c)}.
HR 3264
This bill
(Committee Print) would add a new section 890B, Homeland Security Critical
Domain Re6 Search And Development, to the Homeland Security Act of 2002. It
defines two new terms {§890B(c)}: ‘United States critical domains for economic
security’ (NOT related to the cyber term
‘domains’) and ‘economic security’. Section 890B(a) would authorize research
and development to identify and evaluate United States critical domains for
economic security and homeland security. The bill authorizes $1 million for
this program.
Posts
No comments:
Post a Comment