House Passed HR 4364 – FY 2024 Legislative Spending

Yesterday, the House took up HR 4364, the Legislative Branch Appropriations Act, 2024, and passed it by a vote of 214 to 197, four Democrats joining the Republicans in passing the bill. No amendments were considered.

I do not normally cover this legislation, but the Committee Report (pg 19) did include a building control system security mention, so this technically is of ICS security interest.

When the Senate takes up this bill, they will first substitute the language from S 2302 for the House language, before they consider the bill. Neither that bill or its associated Report contain cybersecurity language.

Bills Introduced – 7-13-23

Yesterday, with both the House and Senate in session, there were 102 bills introduced. Six of those bills will receive additional attention in this blog:

HR 4623 To establish a voluntary program to identify and promote internet-connected products that meet industry-leading cybersecurity and data security standards, guidelines, best practices, methodologies, procedures, and processes, and for other purposes. Lieu, Ted [Rep.-D-CA-36] 

HR 4636 To direct the Secretary of Transportation to establish a Wireless Electric Vehicle Charging Grant Program, and for other purposes. Stevens, Haley M. [Rep.-D-MI-11]

S 2289 A bill to direct the Director of the Information Security Oversight Office to assess foreign influence in the National Industrial Security Program and to develop a single, integrated strategy to better identify and mitigate such foreign influence, and for other purposes. Peters, Gary C. [Sen.-D-MI] 

S 2302 An original bill making appropriations for the Legislative Branch for the fiscal year ending September 30, 2024, and for other purposes. Reed, Jack [Sen.-D-RI]

S 2309 An original bill making appropriations for financial services and general government for the fiscal year ending September 30, 2024, and for other purposes. Van Hollen, Chris [Sen.-D-MD]

S 2321 An original bill making appropriations for the Departments of Commerce and Justice, Science, and Related Agencies for the fiscal year ending September 30, 2024, and for other purposes. Shaheen, Jeanne [Sen.-D-NH]

I will be covering HR 4623, S 2289, and S 2321.

I will be watching HR 4636 for language and definitions that would specifically include operational technology cybersecurity issues within the scope of the legislation.

I will be watching S 2302 and S 2309 and their reports for language that addresses cybersecurity issues.

Committee Hearings – Week of 2-27-22

This week with both the House and Senate returning to Washington, there is a pretty routine number of Committee hearings currently scheduled. They include a hearing on DOE related bills in the Senate and a markup hearing in the House that includes cybersecurity measures.

DOE Hearing

Tomorrow, the Senate Energy and Natural Resources Committee will conduct a hearing on pending legislation. They list seven DOE related bills that about which they will receive testimony. The witness list is currently limited to Geraldine Richmond, DOE. One of the bills touches on responsibilities for cybersecurity incident response at DOE, S 2302.

Cybersecurity Markup

On Wednesday, the House Homeland Security Committee will hold a markup hearing looking at 12 pieces of legislation. There are three bills that may be of interest here, two were introduced last Friday and one will be introduced this week, probably today.

HR 6824, “President’s Cup Cybersecurity Competition Act” [PDF]

HR 6825, "Nonprofit Security Grant Program Improvement Act of 2022" [PDF]

HR____, "Cybersecurity Grants for Schools Act of 2022" [PDF]

I have not yet had a chance to do a detailed review of any of these bills since they have not been published by the GPO. I will be looking at the Committee drafts (links provided above) for the bills before Wednesday.

Review - S 2302 Introduced – DOE Organization

Last month, Sen Barrasso (R,WY) introduced S 2302 (no fancy name). The bill would amend 42 USC 7133(a), which lists the duties of the eight Assistant Secretaries of the Department of Energy. It removes some of the wording of §7133(a) and adds a paragraph (12) listing security and emergency response related duties for Assistant Secretaries.

Barrasso is the Ranking Member of the Senate Energy and Natural Resources Committee to which this bill was assigned for consideration and his sole cosponsor {Sen Risch (R,ID)} is also a member of the Committee. Normally, this would mean that Barrasso would have enough influence to see the bill considered in Committee. The fact, however, that there is no Democrat cosponsor would seem to indicate that there are conflicts within the Committee about these provisions that may mitigate against the consideration.

For a closer look at the details of the changes proposed in this bill and their potential political ramifications, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/s-2302-introduced - subscription required.

Bills Introduced – 6-24-21

Yesterday, with both the House and Senate in Washington (and the Senate preparing to leave for their 2-week 4^th of July recess), there were 176 bills introduced. Five of those bills will receive additional coverage in this blog:

S 2269 A bill to secure the bulk-power system in the United States. Sen. Scott, Rick [R-FL] 

S 2274 A bill to authorize the Director of the Cybersecurity and Infrastructure Security Agency to establish an apprenticeship program and to establish a pilot program on cybersecurity training for veterans and members of the Armed Forces transitioning to civilian life, and for other purposes. Sen. Hassan, Margaret Wood [D-NH]

S 2292 A bill to require the Secretary of Homeland Security to study the potential consequences and benefits of amending the Computer Fraud and Abuse Act to allow private companies to take proportional actions in response to an unlawful network breach. Sen. Daines, Steve [R-MT]

S 2302 A bill to amend the Department of Energy Organization Act to assign certain functions to the Assistant Secretaries of Energy relating to energy emergencies and energy security, and for other purposes.

S 2305 A bill to enhance cybersecurity education. Sen. Ossoff, Jon [D-GA]