Thursday, September 22, 2022

Bills Introduced – 9-21-22

Yesterday, with both the House and Senate in Washington, there were 46 bills introduced. Two of those bills will receive additional coverage in this blog:

S 4908 A bill to improve the visibility, accountability, and oversight of agency software asset management practices, and for other purposes. Peters, Gary C. [Sen.-D-MI]

S 4913 A bill to establish the duties of the Director of the Cybersecurity and Infrastructure Security Agency regarding open source software security, and for other purposes. Peters, Gary C. [Sen.-D-MI] 

I do not expect that either bill will directly address control system security, but they will almost certainly have longer range impacts on software security issues that will ultimately apply to control systems.

Note in Passing

I would like to point out an interesting concept found in the description of S 4914 that was also introduced yesterday. Here is how the purpose of the bill was officially described: “A bill to direct the Secretary of State to designate certain Mexican drug cartels as foreign terrorist organizations, and to submit a report to Congress justifying such designations in accordance with section 219 of the Immigration and Nationality Act.”

Now I have no problems with labeling Mexican drug cartels as ‘terrorist organizations’. The definition does not really fit, but the potential sanctions would probably be helpful. The interesting thing here is that  Congress would be directing the State Department to do something and then require the Department to justify taking that mandated action. The most obvious response would be to report: “You told us to do this, so we had to do it. We could not have done it if you had not required us to do it.”

No comments:

/* Use this with templates/template-twocol.html */