Senate Committee Approves Several Cybersecurity Bills

The U.S. Senate Committee on Homeland Security and Governmental Affairs on Wednesday voted to approve several cybersecurity bills, including ones related to incident response, supply chain security, the government’s cyber workforce, and safeguarding federal information systems.

One of the bills, introduced recently by Senators Maggie Hassan and Rob Portman, is the DHS Cyber Incident Response Teams Act of 2018, which aims to strengthen cybersecurity by requiring the Department of Homeland Security (DHS) to create permanent incident response teams and what lawmakers call “cyber hunt” teams.

These teams would help prevent cyberattacks on both federal agencies and private sector companies, and help mitigate the impact of attacks. The legislation was proposed following reports that Russia-linked threat actors targeted electric utility and other critical infrastructure companies in the U.S.

A companion bill, introduced by Chairman of the House Committee on Homeland Security, Rep. Michael McCaul, recently passed the U.S. House of Representatives.

Another bill approved on Wednesday by the committee is the Federal Rotational Cyber Workforce Program Act of 2018, which Sen. Hassan also co-sponsored. The bill proposes a new program called the Federal Rotation Cyber Workforce Program (FRCWP) that will create policies and procedures for temporarily moving employees from one agency to another.

“Our country faces ever-evolving cyber threats from Russia, China, criminal hackers, and cyber terrorists every single day, and these bipartisan bills will help bolster cyber defenses at federal agencies in order to better protect Americans,” Sen. Hassan said. “While we have far more work to do, these bipartisan bills are important steps to strengthen our elite cyber defense teams, and I urge my colleagues across the aisle to bring these measures to the floor for a vote as quickly as possible.”

Another cybersecurity bill co-sponsored by Sen. Hassan is related to the federal supply chain. The Federal Acquisition Supply Chain Security Act of 2018 was introduced after the government banned cybersecurity products from Kaspersky Lab due to concerns over Russian spying.

The bill seeks the creation of a Federal Acquisition Security Council whose role will be to develop criteria and processes for assessing the supply chain risk posed to national security and the public interest by the acquisition of certain technologies.

The committee also passed the Federal Information Systems Safeguards Act of 2018, which allows federal agencies to make decisions related to securing IT and information systems. The bill allows the head of an agency to restrict or prohibit access to a website, and deploy or update cybersecurity measures.

Finally, the Senate Homeland Security and Governmental Affairs Committee voted to approve the Advancing Cybersecurity Diagnostics and Mitigation Act, which establishes a continuous diagnostics and mitigation program at the DHS.

Related: House Passes Bill to Enhance Industrial Cybersecurity

Related: New Bill in Georgia Could Criminalize Security Research

Related: New Bill Aims to Address Cybersecurity Workforce Shortage