House Rejects Rule for HR 5393 – FY 2024 CJS Spending

Yesterday, the House took up H Res 869, the proposed rule for the consideration of HR 5893 [removed from paywall], the Commerce, Justice, Science, and Related Agencies Appropriations Act, 2024. After 55 minutes of debate (starting at 09:25 EST), the resolution failed by a vote of 198 to 225, with 19 Republicans voting with Democrats to defeat the rule. Whether the Republican Nay’s were due to disagreement with the provisions of HR 5893, or retaliation for the Speaker’s working with Democrats to earlier pass HR 6363, the ladder CR, it is clear that the Republican leadership continues to have problems with managing their conference.

Rep Roy (R,TX) one of the leaders of the fringe element of the Republican House, who is a member of the Rules Committee, and voted against the Resolution on the floor, did not vote against the rule in the Rules Committee hearing on Tuesday. In fact, he did not attend the meeting.

The House adjourned yesterday for their long Thanksgiving weekend. Presumably, after some internal negotiations, a new rule for the consideration of the bill could be considered after the House returns on November 28^th.

NOTE: The Crenshaw amendment that I discussed in by post on HR 5893 was included in the list of amendments approved to be submitted on the floor as Amendment #80. That was the only amendment of the 119 approved by the House Rules Committee in H Rept 118-27 of specific interest here.

 

Review - HR 5893 Introduced – FY 2024 CJS Spending

Last month, Rep Rogers (R,KY) introduced HR 5893, the Commerce, Justice, Science, and Related Agencies Appropriations Act, 2024. The House Appropriations Committee did not publish a report for this bill, nor has it published an explanatory text as it did for HR 5894. There are three cybersecurity mentions in the bill, none of particular interest here. There have been 285 amendments submitted to the House Rules Committee for possible inclusion in the rule for the consideration of the bill. Only one of those amendments is of potential specific interest here.

Moving Forward

The Rules Committee is scheduled to meet tomorrow to formulate the rule for the consideration of the bill on the floor of the House. The bill could move to the floor later this week. Based upon actions from last week, I think that there is a very real possibility that the bill will proceed through consideration of the amendments selected by the Committee, but floor action will stop before the final vote is taken. I have no idea what the House leadership is going to do with HR 4820, the THUD spending bill, and HR 4664, the Financial Services spending bill, but I suspect they will have to do the same with this bill.

Commentary

Spending bills have always been something of a legislative problem, but this year the House Republicans have elevated the problems to heights never considered before. This bill, and its late introduction partner HR 5894, the LHH spending bill, were introduced almost three months after the other 10 spending bills this year, and more importantly after Speaker McCarthy was fired. The bill could not be offered earlier due to disagreements in the Committee about what anti-DOJ measures were going to be included. The inability of the Committee to come to agreement bodes ill for this bill moving forward in the House.

For more details about the cybersecurity issues addressed in the bill and amendments proposed for the bill, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/hr-5893-introduced - subscription required.

Review - HR 8256 Introduced – FY 2023 CJS Spending

Last week Rep Cartwright (D,PA) introduced HR 8256, the Commerce, Justice, Science, and Related Agencies Appropriations Act, 2023. The House Appropriations Committee completed their Report on the bill. There are two cybersecurity mentions beyond internal agency cybersecurity funding in the bill. There are four additional cybersecurity related mentions in the Report.

As one of the 12 primary spending bills, this bill is likely to make it to the floor of House where numerous amendments will be offered and many will be adopted. Then the bill will pass by a near party line vote. Then, as in years past, the bill will die of lack of attention in the Senate. Then around December, we will see some sort of omnibus spending bill passed. There will be some recognizable similarity of the CJS provisions of that bill to this one. More importantly, the conference report for that bill will incorporate the report for this bill.

For more details about the cybersecurity provisions of the bill, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/hr-8256-introduced - subscription required.

Review - HR 2471, Division B, CJS Provisions – FY 2022 Spending

In this post, I am looking at Division B of HR 4241, the Consolidated Appropriations Act, 2022. Division B is the Commerce, Justice, Science, and Related Agencies Appropriations Act, 2022. This equates with HR 4505 that was introduced in July of last year, but was never considered in the House.

As with most spending bills, the details of interest about the spending levels and program instructions from the House and Senate Appropriations Committees are found in the Joint Explanatory Statement (JES) for the Division. The JES acknowledges the program requirements of the Committee Report on HR 4505, and continues most of those requirements while adding some new instructions.

Spending

The table below shows the spending for FY 2022 for four agencies covered by Division B that are frequently mentioned in this blog. Each agency received more funding than they did in FY 2021, but less than the House proposed in HR 4505. There was no Senate bill introduced for this fiscal year to compare against.

Spending in 1,000s	HR 2471	Δ from 2021	Δ from HR 4505
BIS	$141,000	+$8,000	-$2,410
NTIA	$50,000	+$4,500	-$29,000
NIST	$1,230,063	+$195,563	-$139,007
NSF	$8,838,000	+$351,241	-$796,036

For more details on Division B cybersecurity issues, including new program instructions from the House and Senate appropriators, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/hr-2471-division-b-cjs-provisions - subscription required.

Review - HR 4505 Introduced – FY 2022 CJS Spending

Earlier this month, Rep Cartwright (D,PA) introduced the marked up version of HR 4505, the Commerce, Justice, Science, and Related Agencies Appropriations Bill, 2022. The Appropriations Committee Report on the bill is also available. As is usual there are no cybersecurity provisions (beyond spending amounts for internal agency cybersecurity activities), but there are seven cybersecurity comments in the Report.

Moving Forward

As I noted earlier this morning, this bill is being rolled into the second spending minibus this year along with the Legislative and State spending bills (probably under HR 4336). The House Rules Committee will meet tomorrow to establish the rule for the floor debate on the 2^nd minibus. There have been 134 amendments submitted for this bill. Only one of those amendments is of concern here:

#4, Rep Langevin - Increases funding for NSF Education and Human Resources by $10,000,000. The money will be used for the CyberCorps: Scholarship for Service program in line with the funding recommendation from the Cyberspace Solarium Commission. Offset by an equal decrease to Federal Prison System – Salaries.

I suspect that the minibus will be passed along mainly party lines.

For more details about the cybersecurity comments, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/hr-4505-introduced - subscription required.

HR 7667 Reported in House – FY 2021 CJS Spending

Earlier this month the House Appropriations Committee published their marked-up version of HR 7667, the Commerce, Justice, Science, and Related Agencies Appropriations Act, 2021 along with their Report on the bill. There were no specific mentions of cybersecurity in the bill, but the Report did include several cybersecurity mentions, only one addressed control system security issues.

Industrial Control Systems

On page 24 of the Report the Committee discussed the importance of NIST’s Scientific and Technical Research and Services work on advanced manufacturing systems. They directed NIST “to prioritize

new STRS funds to achieve fundamental scientific understanding of manufacturing processes and equipment and to enable new smart manufacturing systems capabilities for high-priority metals-based additive manufacturing, manufacturing robotics, and cybersecurity for industrial control systems [emphasis added].”

Cyber Threats

On page 19 the Committee expressed their concerns about cybersecurity issues around on-line data collection efforts in the 2020 Census. They directed “the Census Bureau to prioritize cyber protections and high standards of data differential privacy”.

On page 24 the Committee discussed threats to the ‘digital economy’ and urged “NIST to address the rapidly emerging threats in this field by furthering the development of new and needed cryptographic standards and technologies”.

Cybersecurity Training

The report addressed a number of cybersecurity training initiative, including:

• National Initiative for Cybersecurity Education (pg 24),

• Cybersecurity Training for the Manufacturing Extension Partnership (MEP) program (pg 26),

• CyberCorps (pg 137),

Moving Forward

This bill will be included in second FY 2021 spending minibus, HR 7617. The House is currently scheduled to take up that minibus tomorrow.

Bills Introduced – 7-16-20

Yesterday with both the House and Senate meeting in pro forma session there were 60 bills introduced. Of those three may receive additional coverage in this blog:

HR 7616 Making appropriations for the Departments of Transportation, and Housing and Urban Development, and related agencies for the fiscal year ending September 30, 2021, and for other purposes. Rep. Price, David E. [D-NC-4]

HR 7617 Making appropriations for the Department of Defense for the fiscal year ending September 30, 2021, and for other purposes. Rep. Visclosky, Peter J. [D-IN-1]

HR 7667 Making appropriations for the Departments of Commerce and Justice, Science, and Related Agencies for the fiscal year ending September 30, 2021, and for other purposes. Rep. Serrano, Jose E. [D-NY-15]

Bills Introduced – 09-26-19

Yesterday with both the House and Senate preparing to leave Washington for a two-week recess, there were 114 bills introduced. Four of these bills may see additional coverage in this blog:

S 2556 A bill to amend the Federal Power Act to provide energy cybersecurity investment incentives, to establish a grant and technical assistance program for cybersecurity investments, and for other purposes. Sen. Murkowski, Lisa [R-AK]

S 2580 An original bill making appropriations for the Department of the Interior, environment, and related agencies for the fiscal year ending September 30, 2020, and for other purposes. Sen. Murkowski, Lisa [R-AK]

S 2582 An original bill making appropriations for the Department of Homeland Security for the fiscal year ending September 30, 2020, and for other purposes. Sen. Capito, Shelley Moore [R-WV]

S 2584 An original bill making appropriations for the Departments of Commerce and Justice, Science, and Related Agencies for the fiscal year ending September 30, 2020, and for other purposes. Sen. Moran, Jerry [R-KS]

HR 3055 Introduced – FY 2020 CJS Spending

Earlier this week Rep. Serrano (D,NY) introduced HR 3055, the Commerce, Justice, Science, and Related Agencies (CJS) Appropriations Act, 2020. The bill does not contain any significant cybersecurity language, the Appropriations Committee Report does contain some cyber language; none of it specifically addresses control system security issues.

Cyber Issues

In the National Institute of Standards and Technology (NIST) portion of the report, the Committee briefly addresses cybersecurity issues. On page 20, the Committee “encourages NIST to utilize existing expertise within its Information Technology Laboratory to increase cybersecurity technical training to small manufacturers to strengthen their cybersecurity capabilities”.

In the Department of Justice portion of the report, the Committee briefly touches on cyber-enabled crime. On page 46, the Committee “directs the Department of Justice and other relevant agencies to work with the private sector to establish best practices for active cyber defense techniques to better defend American companies from cyberattack.” Later, on page 69, the Report follows up on a not yet submitted report required by the FY 2019 spending bill on “crimes committed against individuals and facilitated by the interstate telecommunications system”; directing DOJ “to submit the report in a timely manner to ensure the Committee has the information necessary to assess and deal with these crimes.”

On page 100 the Report has two cyber related notes for the National Science Foundation (NSF). In the first the Committee “NSF to form partnerships with Hispanic Serving Institutions and Historically Black Colleges and Universities with respect to cybersecurity research”. Next, after noting that the Committee is continuing funding of the CyberCorps scholarship program at 2019 levels, the Report “urges NSF to continue work with qualified community colleges including through providing scholarships and apprenticeship opportunities”.

Moving Forward

This bill will probably be included in the second ‘minibus’ later this month. This bill will pass in the House. Looking at the ‘Minority Views’ section (pgs 153-4) of the bill, there is some Republican dissatisfaction with some of the terms of the bill, but it hardly seems vociferous. Thus the vote will likely be mostly partisan, but there should be some room for developing a compromise conference bill before the end of the fiscal year.

Bills Introduced – 06-03-19

Yesterday with both the House and Senate in session, there were 24 bills introduced. Three of those bills are likely to see additional coverage in this blog:

HR 3052 Making appropriations for the Department of the Interior, environment, and related agencies for the fiscal year ending September 30, 2020, and for other purposes. Rep. McCollum, Betty [D-MN-4] 

HR 3055 Making appropriations for the Departments of Commerce and Justice, Science, and Related Agencies for the fiscal year ending September 30, 2020, and for other purposes. Rep. Serrano, Jose E. [D-NY-15]

HR 3060 To provide for reform and reorganization of the Federal Emergency Management Agency, and for other purposes. Rep. Jackson Lee, Sheila [D-TX-18] 

As usual, I will be watching the spending bills for cybersecurity language (particularly for industrial control systems) and chemical safety provisions.

HR 3060 may be interesting. I suspect that it will mainly deal with hurricane response issues, but I will but could include language making changes to grant programs and there is a remote chance that emergency response planning (both for chemical and cyber incidents) may be covered.

S 3072 Introduced – FY 2019 CJS Spending

Last week Sen. Moran (R,KS) introduced S 3072, the Commerce, Justice, Science, and Related Agencies (CJS) Appropriations Act, 2019. As expected there is no mention in the actual bill of any cybersecurity requirements beyond the financing of each department and agencies internal IT cybersecurity program. The Committee Report for the bill, however, does mention three cybersecurity topics; workforce development, medical device cybersecurity research and research into the industrial internet of things (IIoT). All of those mentions are found under the section of the report dealing with the National Institute of Standards and Technology (NIST) on page 21.

Workforce Development

The Report notes that the Committee expects funding for to continue at 2018 levels for workforce development activities and specifically recommends that:

“Within the funds provided, the Committee encourages NIST to fund additional university system-led State and regional alliances and partnerships to focus on meeting the demand for a trained cybersecurity workforce, with a priority being placed on areas with a high concentration of Department of Defense, automotive, and health care related industries.”

Medical Technology Cybersecurity

While no specific funding is mentioned, the Report specifically “directs NIST to partner and work directly with academic institutions focused on computer security and privacy, with expertise in research to develop secure medical technologies, including secure medical devices, secure and privacy preserving medical software systems, and in training future scientists and practitioners in state-of-the-art techniques for supporting secure medical technologies.”

IIoT

The Committee directed NIST to spend “no less than $2,000,000 for the continued development of an IIoT cybersecurity research initiative”. That research effort would be designed to help “industry to improve the sustainable security of IIoT devices in industrial settings, including new designs, protocols, algorithms, system architectures, identity and lifecycle strategies, and system hardware features, as well as proposed security standards. This proposed research will account for human, technical, and economic dimensions.”

Moving Forward

As with the other Senate spending bills that I have looked at so far this year. There was strong bipartisan support for this bill in the Senate Appropriations Committee. The final vote on the bill (pg 150 of the report) was 30 to 1 in support of the bill, with only Sen. Lankford (R,OK) voting against the bill. This would indicate that there should be no problem overcoming the initial cloture requirement to have debate begin on the floor of the Senate on HR 5952 for which this bill will form the substitute language that will be debated in the Senate.

Bills Introduced – 06-14-18

Yesterday with both the House and Senate in session there were 43 bills introduced. Of those, one may be of specific interest to readers of this blog:

S 3072 An original bill making appropriations for the Departments of Commerce and Justice, Science, and Related Agencies for the fiscal year ending September 30, 2019, and for other purposes. Sen. Moran, Jerry [R-KS] 

HR 5952 Introduced – FY 2019 CJS Spending Bill

Last week Rep. Culberson (R,TX) introduced HR 5952, the Commerce, Justice, Science, and Related Agencies (CJS) Appropriations Act, 2019. There is one cybersecurity provision in the bill that may be of interest to readers of this blog and a couple of related comments in the Committee Report on the bill that bear review.

Cybersecurity

Section 513 of the bill provides binding guidance to all of the agencies funded by this bill on the supply chain security requirements for all “high-impact or moderate impact information system” {§513(a)} as defined by NIST FIPS SP 199. The requirements include:

• Reviewing the supply chain risk for the information systems against criteria developed by NIST and the Federal Bureau of Investigation (FBI);

• Reviewing the supply chain risk from the presumptive awardee against available and relevant threat information provided by the FBI and other appropriate agencies; and

• Conducting an assessment of any risk of cyber-espionage or sabotage associated with the acquisition of such system, including any risk associated with such system being produced, manufactured, or assembled by one or more entities identified by the United States Government as posing a cyber threat, specifically including those that may be owned, directed, or subsidized by the People’s Republic of China, the Islamic Republic of Iran, the Democratic People’s Republic of Korea, or the Russian Federation.

SP 199 used the IT-centric definition of ‘information system’ from 44 USC 3502(8).

Committee Comments

In its discussion of spending for the National Institute of Standards and Technology (NIST) the Committee addresses internet of things (IOT) (pg 12):

“The Committee recognizes the importance of United States’ leadership in addressing security concerns for users and data within the Internet of Things and appreciates NIST’s ongoing work in this area. The Committee encourages NIST to continue strengthening its cybersecurity standard-setting efforts related to the Internet of Things.”

Later (on pg 80) the Committee briefly addresses cybersecurity research:

“The Committee encourages NSF to form partnerships with Hispanic Serving Institutions and Historically Black Colleges and Universities with respect to cybersecurity research.”

Moving Forward

Most of my comments about HR 5895 moving forward apply to this bill as well. There is one big difference, however, there is not bipartisan support for HR 5952 in the Appropriations Committee (and I apparently overstated the bipartisan support that could be expected on HR 5895 as well). Comments by Ranking Member Lowey (D,NY) and Subcommittee Ranking Member Serrano (D,NY) in the ‘Minority Views’ (pgs 136-42) portion of the report outline the problems that the Democrats have with the bill. They close those comments by noting (pg 142):

“Inviting partisanship back into the appropriations process by shortchanging critical domestic and international priorities will endanger the good work in this and other bills.”

The lack of bipartisan support will not stop these bills from passing in the House (unless there is significant conservative opposition as well). But, if the Senate has similar problems with the lack of bipartisan support for their version of this bill (yet to be published) or the EWR bill, these stand-alone spending bills will not move to the Senate floor, killing chances of getting 12 spending bills to the President before the November elections, much less before the end of the fiscal year.

Commentary

The §513 provisions on supply chain security could end up being the next big thing in cybersecurity protections and the supply-chain issues would certainly apply to control systems as well. Interestingly, the SP 199 definitions of “high-impact or moderate impact information system” (Table 1, pg 6) could be directly applicable to control system evaluations if the ICS-friendly definition of ‘information systems’ used in 6 USC 1501 were applied in FIPS.

To make this section work to include control system supply-chain security issues we would just have to add a new paragraph (c) to §513:

(c) In determining which information systems meet the requirements of high-impact and medium impact for the purposes of (a), the definition of ‘information system’ used in 6 USC 1501 will be used.

Bills Introduced – 05-24-18

Yesterday, with both the House and Senate preparing to leave Washington for their long Memorial Day Weekend, there were 75 bills introduced. Of these, four bills may be of specific interest to readers of this blog:

HR 5952 Making appropriations for the Departments of Commerce and Justice, Science, and Related Agencies for the fiscal year ending September 30, 2019, and for other purposes. Rep. Culberson, John Abney [R-TX-7]

HR 5961 Making appropriations for Agriculture, Rural Development, Food and Drug Administration, and Related Agencies programs for the fiscal year ending September 30, 2019, and for other purposes. Rep. Aderholt, Robert B. [R-AL-4]

S 2975 An original bill making appropriations for energy and water development and related agencies for the fiscal year ending September 30, 2019, and for other purposes. Sen. Alexander, Lamar [R-TN]

S 2976 An original bill making appropriations for Agriculture, Rural Development, Food and Drug Administration, and Related Agencies programs for the fiscal year ending September 30, 2019, and for other purposes. Sen. Hoeven, John [R-ND] 

S 2837 Introduced – FY 2016 CJS Spending

Last week Sen. Shelby (R,AL) introduced S 2837, the Commerce, Justice, Science, and Related Agencies (CJS) Appropriations Act, 2017. As is usual, there is no mention of cybersecurity in the actual bills beyond internal cybersecurity spending. There are, however, some interesting comments in the Appropriations Committee Report.

NIST Cybersecurity

The Committee provides (pg 18) a total of $75 million for cybersecurity activities; including:

• $33 million for the National Cybersecurity Center of Excellence [NCCoE];

• $4 million for the National Initiative for Cybersecurity Education; and

• $38.7 million for cybersecurity research and development

“The Committee recommends that NIST continue to work in concert with its public, State, and county partners to encourage co-location of companies involved in NCCoE activities, which will encourage further innovation by leveraging the development of new applications, business use cases, and technology transfer among all stakeholders.” (pgs 18-19)

 In its cybersecurity grant program, the Committee recommends that (pg 19) “consideration should only be given to institutions of higher education, including community colleges, designated by the National Security Agency as Centers of Academic Excellence for Information Assurance Education and Centers for Academic Excellence for Information Assurance Research”.

Other Science Cybersecurity

The Committee commends the National Telecommunications and Information Administration (NTIA) for its recent request for information (RFI) on federal government role on encouraging the development of the ‘internet of things’. The Committee urges continued work on “its consideration of how to appropriately plan for and encourage the proliferation of network connected devices, including soliciting input from: industry stakeholders; subject matter experts; businesses, including small- and medium-sized businesses; consumer groups; and relevant Federal agencies” (pg 17).

The Committee continued funding for cybersecurity research at the National Science Foundation at FY 2016 levels; noting that that research “will form the intellectual foundations for practical applications that make our information networks safer, more secure, and better able to predict, resist, repel, and recover from cyber attacks” (pg 11).

DOJ Cybersecurity

The Committee is funding Department of Justice cybersecurity related programs at $896 million, a 10% increase over the previous fiscal year.

Throughout this title, the Committee’s recommendation for cybersecurity-related activities for the Department totals $896,325,000 for fiscal year 2017, which is an increase of $82,679,000, or 10 percent, above the fiscal year 2016 level.

The US Attorneys’ Office will receive $58 million (almost 4% above requested) to “able to increase the number of investigations and prosecutions of cyber attacks and cyber intrusions, and provide the high-caliber level of training on cybercrime and digital evidence needed for Assistant U.S. Attorneys to be able to analyze and present digital evidence across all types of criminal case” (pg 65).

The FBI cybersecurity funding is being increased by $17 million with an addition $43 million increase for the Cyber Division to “to strengthen its cyber capabilities and investigations including those into ransomware attacks against institutions such as hospitals” (pg 71).

The Committee is also carving out a new $1 million grant program for a new “Cybercrime and Digital Evidence Resource Prosecutor Pilot Program to provide State and local prosecutors with training and trial experience in cybercrimes and digital evidence” (pg 89).

Moving Forward

There has been a general consensus that we will be seeing a continuing resolution passed this year just before the end of the fiscal year, as has become common, especially in an election year. The unspoken assumption has been that no spending bills would be completed before that continuing resolution passed. With the early introduction of this bill and the THUD bill there is a chance that these two less controversial bills may have a chance to be sent to the President before the summer recess. It will all depend on how fast the Senate can take up an pass the two bills.

Commentary

With the FBI and DHS going around the country warning utilities of a potential for a Ukraine style attack on the it is disheartening to see no mention of control system security, particularly ICS forensics in the DOJ portions of this bill. Unfortunately, I think that it is going to take a high-profile attack on a control system for Congress and the DOJ to understand that the forensics capability to collect and evaluate usable evidence for a prosecution against a control system hacker just does not exist within the criminal justice system.

Almost a billion dollars for cybersecurity investigations and prosecutions sounds like a bunch of money, but once it gets spread around the various programs and agencies, it really is not all that much money. The $49 million for the Cyber Division doesn’t really go that far; the CSI Cyber stars probably pull in close to that in salaries and perks (sorry couldn’t help myself). And, on a more serious note, remember the FBI reportedly spent more than $1 million to access a single encrypted device (and yes they probably got a tool out of it, but only for one specific type phone).

Bills Introduced – 04-22-16

With the House and Senate preparing to leave Washington for the weekend there were 53 bills introduced yesterday. Of those three may be of specific interest to readers of this blog:

HR 5026 To direct the President to develop and submit to Congress a comprehensive strategy to combat cybercrime, and for other purposes. Rep. Ross, Dennis A. [R-FL-15]

S 2837 An original bill making appropriations for the Departments of Commerce and Justice, Science, and Related Agencies for the fiscal year ending September 30, 2017, and for other purposes. Sen. Shelby, Richard C. [R-AL]

S 2844 An original bill making appropriations for the Departments of Transportation, and Housing and Urban Development, and related agencies for the fiscal year ending September 30, 2017, and for other purposes. Sen. Collins, Susan M. [R-ME]

HR 5026 could be interesting depending on its definition of ‘cybercrime’. I will only provide coverage if it looks like it would include attacks on control systems.

As always, I watch spending bills for cybersecurity provisions. Of course the transportation bill will also be followed for its effects on hazardous chemical transportation issues.

Bills Introduced – 05-27-15

With both the House and Senate out of town this week on their extended Memorial Day weekend two spending bills were still introduced in the House on Wednesday. Both may be of specific interest to readers of this blog:

HR 2577 Transportation, Housing and Urban Development, and Related Agencies Appropriations Act, 2016 Rep. Diaz-Balart, Mario [R-FL-25]

HR 2578 Commerce, Justice, Science, and Related Agencies Appropriations Act, 2016 Rep. Culberson, John Abney [R-TX-7]

The text of both bills is already available and I will be reviewing them later today. I’ll report details of HR 2577 that include any specific mention of new transportation safety requirements. On HR 2578 I’ll be looking for cybersecurity requirements in the NIST portion of the bill.