Last week Rep Walberg (R,MI) introduced HR 1160, the Critical Electric Infrastructure Cybersecurity Incident Reporting Act. The bill would make DOE the designated agency to receive cybersecurity incident reports from critical electric infrastructure. It would also require DOE to publish regulations covering those reporting requirements. No spending is authorized in the bill.
The bill amends 16 USC 824o–1, Critical electric infrastructure security.
Moving Forward
As I reported earlier today, the Subcommittee on Energy,
Climate, and Grid Security of the House Energy and Commerce Committee will hold
a markup
hearing that includes this bill. This indicates that the Committee
leadership considers this an important bill. It is likely that there will be at
least some level of bipartisan support for this bill. Moving this bill to the
floor of the full House may be difficult because these reporting requirements conflict
with the requirements of Cyber Incident Reporting for Critical Infrastructure
Act of 2022 (Division Y of PL 117-103)
that designate CISA as the agency to receive cybersecurity incident reports and
sets a 72 hour reporting standard.
For more details about the provisions of this bill, see my
article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/hr-1160-introduced
- subscription required.
Posts
No comments:
Post a Comment