Review – HR 4046 Introduced – Ag Cybersecurity Centers

In June Rep Nunn (R,IA) introduced HR 4046, the Cybersecurity in Agriculture Act of 2025. The bill would require the National Institute of Food and Agriculture (NIFA) to establish five Regional Agriculture Cybersecurity Centers (RACC) to carry out research, development, and education on agriculture cybersecurity. The bill would authorize $25 million in annual spending to support the Centers through 2028.

Moving Forward

Both Dunn and his sole cosponsor {Rep Davis (D,NC)} are members of the House Agriculture Committee to which this bill was assigned for consideration. This means that their may be sufficient influence to see the bill considered in Committee. I suspect that there would be some level of bipartisan support for the bill in Committee, but the new spending will run afoul of efforts of the many Republicans to radically reduce spending. The bill might be able to clear the Committee, but I doubt that there would be enough influence to see the bill overcome that objection and move to the floor of the House. I suspect that the bill could pass with bipartisan support if it were considered by the full House, but not under the suspension of the rules process; a super majority vote would be difficult to achieve.

Commentary

There is one major deficiency in this bill, it lacks any mention of cybersecurity vulnerabilities in agricultural systems. The RACCs should be conducting vulnerability research, act as vulnerability disclosure coordinators for agricultural systems, and coordinate with CISA’s NCCIC in publishing advisories about reported vulnerabilities.

To support those vulnerability related efforts, I would add a new §2(b)(9):

“(9) conduct vulnerability research on agricultural control system, act as a coordinator between researchers and vendors, and, in coordination with CISA’s National Cybersecurity and Communications Integration Center, publish advisories describing discovered cybersecurity vulnerabilities in agricultural control systems.

 

For more details about the provisions of this bill, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/hr-4046-introduced-ag-cybersecurity - Subscription required.