Wednesday, March 2, 2022

Review - Senate Passes S 3600 – Cybersecurity

Yesterday, the Senate took up S 3600, the Strengthening American Cybersecurity Act of 2022, which was introduced last week. The Senate considered the bill under the unanimous consent process. After adopting two amendments, the Senate passed S 3600 without debate or vote. The bill contains FISMA modifications similar to those found in S 2902, cybersecurity incident reporting requirements similar to those found in S 2875, as well as federal cloud security requirements.

Moving Forward

This strongly bipartisan action by the Senate would seem to grease the skids for this to pass quickly through the House and land on the President’s desk. Unfortunately, there are competing versions of portions of this bill in the House and this bill will have to overcome the ‘my bill first’ claims from at least two different House committees, Homeland Security and Science, Space, and technology. The current concerns about the Russian/Ukrainian related cybersecurity threats, may provide sufficient impetus to bring this bill to the floor of the House. If it gets by the two Chairs, this bill could easily be considered under the House suspension of the rules process and it could be on the President’s desk before the end of the month, or it could still be sitting on the Clerk’s desk at the end of the year.

Commentary:

This bill reflects a great deal of behind the scenes bargaining in the Senate. This will probably be the premier cybersecurity legislation for this Congress. My review today was done quickly to get it out and I am going to have to take a very detailed look at the cyber incident reporting requirements of §203. That post will come out later this week.

For more details about the provisions of this bill, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/senate-passes-s-3600 - subscription.

No comments:

 
/* Use this with templates/template-twocol.html */