U.S. House passes bill requiring report on federal cyberattack response
The U.S. House has easily passed a bill that would require the Department of Homeland Security to evaluate its cybersecurity capability.
The House voted 313-105 Monday to approve the bill, sponsored by Nebraska Republican Don Bacon.
The vote escaped the typical partisan divide in Congress. Majorities of both parties supported the measure, with dozens of each — 73 Republicans and 32 Democrats — opposed.
If passed by the Senate and signed by President Joe Biden, the bill would commission a DHS report on the effectiveness of its responses to cybersecurity incidents. The report would also include an explanation of which DHS agencies are responsible for which cybersecurity responsibilities, and recommendations for how to further clarify those roles.
The bill also includes a declaration that DHS, through its Cybersecurity and Infrastructure Security Agency, is the “lead federal coordinator” for securing critical infrastructure from cyberattacks. CISA is also responsible for responding to a cyberattack that spans multiple sectors, the bill states.
A handful of high-profile cyberattacks on U.S. companies in 2021 – including the hack of the largest pipeline operator in the country, Colonial Pipeline, and the largest U.S. meat processor, JBS Foods – prompted the bill, Bacon said in a statement.
“American companies are being attacked and it’s unacceptable,” Bacon said. “If we want to remain a global leader, more must be done to ensure we are prepared to defend our businesses and defeat these attacks.”
The report would cost less than $500,000 over five years, according to the nonpartisan Congressional Budget Office. Funding would be subject to appropriations. Some Democratic members of the House Energy and Commerce Committee have previously called for providing more power to the Federal Energy Regulatory Commission to oversee pipeline readiness, including vulnerability to cyberattacks.