Last week Sen Mullins (R,OK) introduced S 2257, the FY 2026 Legislative Branch spending bill. The Senate Appropriations Committee also published their Report on the bill. There are no cybersecurity mentions in the bill, but there are five discussions about cybersecurity issues in the Report. There is one drone restriction in the bill, but no related discussions in the Report.
This bill is similar to S 4678, the Legislative Branch Appropriations Act, 2025, that was introduced by Sen Reed (D,RI) in July, 2024. No action was taken on that bill in the Senate. That is not unusual since the Senate typically takes up the House version of spending bills, and then substitutes language from their bill, but the Senate did not take up HR 8772 (the House version) either.
Moving Forward
As I mentioned above, this bill (as such) will never be considered by the Senate. If the Senate does take up the House version, it would be expected to substitute language from this bill. It is too early to tell what the chances are of the Senate taking up this (or any of the other 11) spending bills this session.
Commentary
The Appropriations Committee continues to ignore unique cybersecurity
needs of the operational networks (surveillance, access control, and building
systems) on Capital Hill. This is not unexpected, given how the cybersecurity
needs of these systems are rather poorly addressed in general, but it would
have been interesting to see the Committee requiring the GAO to prepare a
report on the cybersecurity status and needs of these systems. A really impressive
report would include a classified annex listing all of the unpatched
vulnerabilities in those systems.
For additional information on the provisions of this bill,
including expanded commentary, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/s-2257-introduced-fy-2026-legislative
- subscription required.
Posts
No comments:
Post a Comment