Wednesday, May 4, 2022

Review - HR 7629 Introduced – Satellite Cybersecurity Reporting

Last week, Rep Malinowski (D,NJ) introduced HR 7629, the Satellite Cybersecurity Act. The bill would require the GAO to prepare a report to Congress on the cybersecurity of commercial satellite systems. It would also require CISA to establish a Commercial Satellite System Cybersecurity Clearinghouse. No funding authorization is included in the legislation. This bill is very similar to S 3511.

Malinowski and his sole cosponsor {Rep Garbarino (R,NY)} are members of the House Homeland Security Committee to which this bill is assigned for primary consideration of this legislation. This means that there should be sufficient influence to see this bill considered in Committee. I see nothing in the bill that would engender any organized opposition. I suspect that the bill would receive substantial bipartisan support within the Committee and would probably be considered in the Full House under the suspension of the rules process.

This bill utilizes semi-technical terms (cybersecurity risk and threat) that come from two different sections of the Homeland Security Act of 2002 and those terms rely on definitions of the term ‘information system’ that contain two different takes on control system security, only one specifically includes industrial control systems within the scope of the definition. HR 7629 does nothing to address those definitional issues, but it does specifically address the different cybersecurity requirements of purely informational security and operational security. For that, the staff members that crafted the bill are to be commended. And realistically, a bill like this is probably not the proper vehicle for addressing the conflicting cybersecurity definitional issues that I harp on so frequently.


For more information about the legislative details, see my article at CFSN Detailed Analysis - - subscription required.

No comments:

/* Use this with templates/template-twocol.html */