Home News U.S. Introduces Security Bills to Secure Critical Infrastructure

U.S. Introduces Security Bills to Secure Critical Infrastructure

In the wake of the recent cyberattacks, including the Colonial Pipeline ransomware attack, the U.S. Govt. introduced multiple security bills to protect the country’s critical infrastructure.

U.S. introduce security bills

Organizations globally continue to suffer cyberthreats from various cybercriminal groups. Most enterprises have increased their cybersecurity budget to boost their security capabilities against evolving threats. It is high time for regulatory bodies and policymakers to implement robust security policies for better protection of critical digital infrastructures globally.

Recently, the U.S. House Committee on Homeland Security passed seven bipartisan security bills to bolster defense capabilities, enhance pipeline security, and defend supply-chain attacks targeting U.S. organizations and critical infrastructure. The latest bills also help state and local governments protect their networks, provide mitigation strategies against critical vulnerabilities, and authorize the Cybersecurity and Infrastructure Security Agency (CISA) to help establish a national cyber exercise program to promote continuous testing of cybersecurity preparedness and resilience to cyberattacks.

The Seven Bipartisan Security Bills include:

  1. The Pipeline Security Act (H.R. 3243), introduced by Congressman Emanuel Cleaver, will enhance the ability of TSA — the principal Federal entity responsible for pipeline security — to guard pipeline systems against cyberattacks, terrorist attacks, and other threats.
  2. The State and Local Cybersecurity Improvement Act (H.R. 3138), introduced by Congresswoman Yvette D. Clarke, seeks to authorize a new $500 million grant program to provide State and local, Tribal, and Territorial governments with dedicated funding to secure their networks from ransomware and other cyberattacks.
  3. The Cybersecurity Vulnerability Remediation Act (H.R. 2980), introduced by Congresswoman Sheila Jackson Lee, will authorize CISA to assist critical infrastructure owners and operators with mitigation strategies against the most critical, known vulnerabilities.
  4. The CISA Cyber Exercise Act (H.R. 3223)establishes a National Cyber Exercise program within CISA to promote more regular testing and systemic assessments of preparedness and resilience to cyberattacks against critical infrastructure. The bill was introduced by Congresswoman Elissa Slotkin.
  5. The DHS Blue Campaign Enhancement Act (H.R. 2795)strengthens the DHS Blue Campaign and enhances the availability of human trafficking prevention training opportunities and the development of such training and materials. The bill was introduced by Congressman Peter Meijer.
  6. The DHS Medical Countermeasures Act (H.R. 3263), introduced by Congresswoman Mariannette Miller-Meeks, establishes a medical countermeasures program to support DHS mission continuity and facilitate the readiness and resilience in the event of a chemical, biological, radiological, nuclear, or explosives attack, naturally occurring disease outbreak, or pandemic.
  7. The Domains Critical to Homeland Security Act (H.R. 3264), introduced by Ranking Member John Katko, authorizes DHS to conduct research and development into supply chain risks for critical domains of the U.S. economy and transmit the results to Congress.

The security bills were introduced in the wake of the Homeland Security Committee’s oversight of recent cyberattacks, including the ransomware attack that disrupted operations of the U.S. largest pipeline service Colonial Pipeline, series of SolarWinds supply chain attacks, and state-sponsored groups targeting critical security vulnerabilities in Microsoft Exchange Servers and Pulse Connect Secure devices.

“The Colonial Pipeline ransomware attack that shut down one of our nation’s largest pipelines and triggered fuel shortages across the northeast has brought new urgency to our work to protect the country’s critical infrastructure. This attack also follows a string of disturbing cyberattacks against government entities and the private sector – from SolarWinds and Pulse Connect Secure to Microsoft Exchange Server and the Oldsmar Water facility,” said Chairman Bennie G. Thompson.

“Since the beginning of this Congress, this Committee has engaged in extensive oversight of these events and how the Federal government partners with others to defend our networks. The legislation we reported today was the result of this oversight. I am pleased that they received broad bipartisan support and hope they are considered on the House floor in short order,” Thompson added.