Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

ICS/OT

House Passes Several Critical Infrastructure Cybersecurity Bills

The U.S. House of Representatives this week passed several cybersecurity bills, including ones related to critical infrastructure, industrial control systems (ICS), and grants for state and local governments.

The U.S. House of Representatives this week passed several cybersecurity bills, including ones related to critical infrastructure, industrial control systems (ICS), and grants for state and local governments.

One of the bills focusing on critical infrastructure is the Cybersecurity Vulnerability Remediation Act, which aims to authorize the DHS’s Cybersecurity and Infrastructure Security Agency (CISA) to assist owners and operators of critical infrastructure with mitigation strategies against serious vulnerabilities.

The bill covers vulnerabilities in IT and OT systems, as well as security holes in hardware or software that is no longer supported. It also authorizes the DHS to create a competition for identifying remediation solutions for vulnerabilities in IT and ICS products.

The House this week also passed the CISA Cyber Exercise Act, which establishes a program within CISA with the goal of promoting regular testing and assessments of preparedness and resilience to cyberattacks aimed at critical infrastructure.

The exercises would simulate significant impact from a cyberattack on government or critical infrastructure networks, and would help organizations improve readiness and incident response capabilities.

Another bill is the DHS Industrial Control Systems Capabilities Enhancement Act of 2021, which requires CISA to improve its ability to identify and address threats to ICS, particularly systems used in critical infrastructure. If the bill becomes law, the agency will be required to maintain cross-sector incident response capabilities, provide technical assistance to stakeholders, and share vulnerability information with the ICS community.

The State and Local Cybersecurity Improvement Act seeks to authorize a new $500 million grant program whose goal is to provide funding for cybersecurity to state, local, tribal and territorial governments.

The bill will allow state and local government organizations to request funds that they will use to address cybersecurity risks and threats to their IT systems. CISA will be in charge of the program.

Advertisement. Scroll to continue reading.

Another bill passed on to the Senate this week is the Domains Critical to Homeland Security Act, which authorizes the DHS to identify supply chain risks to domains that are critical to economic security. While it does not specifically mention cyber, it could be applicable to this area.

“The bill defines United States critical domains for economic security as the critical infrastructure and other associated industries, technologies, and intellectual property, or any combination thereof, that are essential to U.S. economic security,” a summary of the bill explains.

All of these bills are proposed as amendments to the Homeland Security Act of 2002.

Related: Proposed Bill Would Allow Americans to Sue Foreign Cyber-Actors

Related: House Committee Passes Bills Improving CISA Leadership and Authority

Related: IoT Cybersecurity Improvement Act Passes Senate

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join SecurityWeek and Hitachi Vantara for this this webinar to gain valuable insights and actionable steps to enhance your organization's data security and resilience.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Defense contractor Nightwing has appointed Tricia Fitzmaurice as Chief Growth Officer.

Xage Security has appointed Russell McGuire as CRO and Ashraf Daqqa as VP of the META region.

Solana co-founder Stephen Akridge has been appointed the CEO of data protection firm Cyber Grant.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.