Monday, April 4, 2022

Review - S 3894 Introduced – Cybersecurity Diagnostics and Monitoring

Last month, Sen Cornyn (R,TX) introduced S 3894, the Advancing Cybersecurity Through Continuous Diagnostics and Mitigation Act. The bill would amend 6 USC 663, Federal intrusion detection and prevention system, by adding a new subsection (g). That subsection would require CISA to “deploy, operate, and maintain a continuous diagnostics and mitigation program for agencies” of the federal government and conduct a pilot program providing the same to not less than five State, local, Tribal, or territorial governments. No new spending is authorized in this bill.

Moving Forward

While Cornyn is not a member of the Senate Homeland Security and Governmental Affairs Committee to which this bill was assigned for consideration, his sole cosponsor {Sen Hassan (D,NH)} is a member. This means that there should be sufficient influence to see this bill considered in Committee. I do not see anything in this bill that would engender organized opposition and I think the bill would receive significant bipartisan support if considered.

Commentary

The underlying §663 that this bill amends sets forth some very broad requirements for an intrusion detection and prevention system in the existing subsection (b). This new subsection (g) would flesh out those basic requirements. It does not appear, however, to require any new CISA activities that the agency is not already providing for the federal government.

For more details about the provisions of this bill, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/s-3894-introduced - subscription required.

No comments:

 
/* Use this with templates/template-twocol.html */