A couple would codify recommendations made by the Cyberspace Solarium Commission.
Senators from both sides of the political aisle introduced several bills late last week aimed at strengthening the government’s cybersecurity readiness and response efforts.
The legislation comes as consequences of ongoing cyber intrusions targeting U.S. federal networks and major private companies continue to emerge.
“Extensive breaches and attacks of public and private networks in just the last few months have compromised our national security and shown our nation is not adequately prepared to tackle evolving cyber threats,” Sen. Gary Peters, D-Mich., said Friday. Peters and Sen. Rob Portman, R-Ohio, that day put forward the Cyber Response and Recovery Act of 2021.
Under the lawmakers’ proposal, the Homeland Security secretary, in consultation with the national cyber director, would be authorized to declare “a Significant Cyber Incident following a breach of public and private networks,” a press release confirmed. That 12-page bill, shared with Nextgov Monday, would also enable the establishment of a Cyber Response and Recovery Fund, which could be used by the Homeland Security Department and the Cybersecurity and Infrastructure Security Agency to help public and private entities in the wake of such disruptions.
The legislation would allocate $20 million over seven years for that fund—and it would also direct a report to Congress on how the money is put to use. President Joe Biden’s initial budget request also included a call for that fund.
Portman’s and Peters’ provisions would codify recommendations previously made by the Cyberspace Solarium Commission. Suggestions made by that strategically cyber-focused intergovernmental body were also put forward in the National Risk Management Act, introduced Friday by Sens. Maggie Hassan, D-N.H., and Ben Sasse, R-Neb.
The six-page bill would direct CISA to pinpoint and prioritize risks—those both cyber and physical—to America’s critical infrastructure. The White House would have to brief Congress on plans to address any vulnerabilities discovered.
“China and Russia are increasingly brazen in their use of cyber tools to get inside American critical infrastructure networks. These critical systems must be more resilient,” Sasse said in a statement. “It’s time to get serious about the future of war and how we protect the systems that allow our daily life to run smoothly.”
A bill to “establish a Civilian Cyber Security Reserve as a pilot project to address the [U.S.’] cybersecurity needs” was also introduced Thursday, by Sen. Jacky Rosen, D-N.V.