Committee Hearings – Week of 7-18-21

This week with both the House and Senate meeting in Washington, there will be a full slate of committee hearings. Hearings of interest include the markup of the Senate version of the FY 2022 National Defense Authorization Act, three cybersecurity hearings and the start of the consideration process for FY 2022 spending bills. And we will have an interesting slate of cybersecurity legislation being considered on the floor of the House.

NDAA Markup in Senate

The Senate Armed Services Committee will be marking up their version of the FY 2022 NDAA. Each subcommittee will be meeting to markup their portions of the NDAA on Monday and Tuesday. Then the full Committee will meet Wednesday and probably Thursday to complete the markup process. The subcommittee markups of interest here include:

• Monday - Subcommittee on Cybersecurity. CLOSED

• Tuesday - Subcommittee on Emerging Threats and Capabilities. CLOSED.

Cybersecurity Hearings

On Tuesday the House Small Business Committee will be holding a hearing on “Strengthening the Cybersecurity Posture of America’s Small Business Community”. This hearing is unlikely to specifically address control system security issues. The witness list will include:

• Tasha Cornish, Cybersecurity Association of Maryland, Inc.,

• Sharon Nichols, Mississippi Small Business Development Center,

• Kiersten Todt, Cyber Readiness Institute,

• Graham Dufault, The App Association,

On Tuesday the Subcommittee on Oversight and Investigations of the House Committee on Energy and Commerce will be holding a hearing on "Stopping Digital Thieves: The Growing Threat of Ransomware". This hearing is very likely to specifically address control system security issues and could get fairly technical. The witness list includes:

• Kemba Walden, Microsoft Corporation,

• Robert M. Lee, Dragos,

• Christian Dameff, M.D., M.S., Medical Director of Cybersecurity, UC San Diego Health,

• Charles Carmakal, FireEye-Mandiant

• Philip Reiner, Institute for Security and Technology

On Wednesday, the Senate Environment and Public Works Committee will be holding a hearing on “Addressing Cybersecurity Vulnerabilities Facing Our Nation’s Physical Infrastructure”. While the witness list is not yet available, there is a decent chance that there will be some discussion about control system cybersecurity issues. I would not be surprised to see witnesses from the water treatment sector.

Spending Bills

The House Rules Committee has announced that they are accepting amendments for the first spending bill for FY 2022. The House will be considering a minibus (multiple spending bills under one bill number), probably next week. The amendment deadline is Wednesday evening and the Committee is likely to hold their rulemaking hearing next Monday.

The slate for the first minibus is set to include:

Division A (Labor, Health and Human Services, Education),

Division B (HR 4356 – Agriculture, Rural Development),

Division C (Energy and Water Development),

Division D (HR 4345 – Financial Services and General Government),.

Division E (HR 4372 – Interior, Environment),

Division F (HR 4355 – Military Construction, Veterans Affairs),

Division G (Transportation, Housing, and Urban Development),

I do not typically review the FSG, or MCV spending bills, and the ARD bill contained nothing that I cover in this blog. The LHHS and THUD bills will probably be introduced today.

On the Floor

The House will be spreading their 27 bills considered under suspension of the rules over two days this week. The list includes seven cybersecurity bills:

• Monday

◦ HR 2931 – Enhancing Grid Security through Public-Private Partnerships Act,

◦ HR 2928 – Cyber Sense Act of 2021

• Tuesday

◦ HR 1871 – Transportation Security Transparency Improvement Act,

◦ HR 3138 – State and Local Cybersecurity Improvement Act, as amended,

◦ HR 1833 – DHS Industrial Control Systems Capabilities Enhancement Act of 2021, as amended,

◦ HR 2980 – Cybersecurity Vulnerability Remediation Act, as amended,

◦ HR 3223 – CISA Cyber Exercise Act

Republicans have been forcing recorded votes on the suspension bills. Democrats have responded by voting on some and including the remainder in the vote on the language of the rule for consideration of bills under regular order. This may make reporting passage of these bills somewhat piece meal.