The U.S. Senate Committee on Homeland Security and Governmental Affairs on Wednesday voted to approve several cybersecurity bills, including ones related to incident response, supply chain security, the government’s cyber workforce, and safeguarding federal information systems.
One of the bills, introduced recently by Senators Maggie Hassan and Rob Portman, is the DHS Cyber Incident Response Teams Act of 2018, which aims to strengthen cybersecurity by requiring the Department of Homeland Security (DHS) to create permanent incident response teams and what lawmakers call “cyber hunt” teams.
These teams would help prevent cyberattacks on both federal agencies and private sector companies, and help mitigate the impact of attacks. The legislation was proposed following reports that Russia-linked threat actors targeted electric utility and other critical infrastructure companies in the U.S.
A companion bill, introduced by Chairman of the House Committee on Homeland Security, Rep. Michael McCaul, recently passed the U.S. House of Representatives.
Another bill approved on Wednesday by the committee is the Federal Rotational Cyber Workforce Program Act of 2018, which Sen. Hassan also co-sponsored. The bill proposes a new program called the Federal Rotation Cyber Workforce Program (FRCWP) that will create policies and procedures for temporarily moving employees from one agency to another.
“Our country faces ever-evolving cyber threats from Russia, China, criminal hackers, and cyber terrorists every single day, and these bipartisan bills will help bolster cyber defenses at federal agencies in order to better protect Americans,” Sen. Hassan said. “While we have far more work to do, these bipartisan bills are important steps to strengthen our elite cyber defense teams, and I urge my colleagues across the aisle to bring these measures to the floor for a vote as quickly as possible.”
Another cybersecurity bill co-sponsored by Sen. Hassan is related to the federal supply chain. The Federal Acquisition Supply Chain Security Act of 2018 was introduced after the government banned cybersecurity products from Kaspersky Lab due to concerns over Russian spying.
The bill seeks the creation of a Federal Acquisition Security Council whose role will be to develop criteria and processes for assessing the supply chain risk posed to national security and the public interest by the acquisition of certain technologies.
The committee also passed the Federal Information Systems Safeguards Act of 2018, which allows federal agencies to make decisions related to securing IT and information systems. The bill allows the head of an agency to restrict or prohibit access to a website, and deploy or update cybersecurity measures.
Finally, the Senate Homeland Security and Governmental Affairs Committee voted to approve the Advancing Cybersecurity Diagnostics and Mitigation Act, which establishes a continuous diagnostics and mitigation program at the DHS.
Related: House Passes Bill to Enhance Industrial Cybersecurity
Related: New Bill in Georgia Could Criminalize Security Research
Related: New Bill Aims to Address Cybersecurity Workforce Shortage

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- High-Severity Privilege Escalation Vulnerability Patched in VMware Workstation
- GoAnywhere MFT Users Warned of Zero-Day Exploit
- UK Car Retailer Arnold Clark Hit by Ransomware
- EV Charging Management System Vulnerabilities Allow Disruption, Energy Theft
- Unpatched Econolite Traffic Controller Vulnerabilities Allow Remote Hacking
- Google Fi Data Breach Reportedly Led to SIM Swapping
- Microsoft’s Verified Publisher Status Abused in Email Theft Campaign
- British Retailer JD Sports Discloses Data Breach Affecting 10 Million Customers
Latest News
- Big China Spy Balloon Moving East Over US, Pentagon Says
- Former Ubiquiti Employee Who Posed as Hacker Pleads Guilty
- Cyber Insights 2023: Venture Capital
- Atlassian Warns of Critical Jira Service Management Vulnerability
- High-Severity Privilege Escalation Vulnerability Patched in VMware Workstation
- Exploitation of Oracle E-Business Suite Vulnerability Starts After PoC Publication
- China Says It’s Looking Into Report of Spy Balloon Over US
- GoAnywhere MFT Users Warned of Zero-Day Exploit
