The United States House of Representatives passed the National Defense Authorization Act for Fiscal Year 2022 last week with a number of Homeland Security-related amendments, including measures that would strengthen cybersecurity and Infrastructure Security Agency (CISA) and the Department of Homeland Security (DHS).
Among the measures included in the NDAA, HR 4350, a notable amendment included a measure that would require the CISA to develop procedures for reporting cybersecurity incidents. Such procedures would require owners and operators of covered critical infrastructure to report. They should deliver cybersecurity incidents to a new office within CISA: the Cyber Incident Review Office.
“I am delighted with the House’s overwhelming bipartisan support for homeland security measures that tackle everything from historic DHS morale issues to human trafficking, cybersecurity and transportation security,” he said. said US Representative Bennie Thompson (D-MS), chairman of the House Homeland Security Committee, said. “The changes authorizing mandatory cyber incident reporting and the CyberSentry program – two major cybersecurity priorities – underscore the bipartisan interest in strengthening the capacity of the CISA to support the private sector which is bombarded with increasingly frequent cyber attacks and sophisticated. “
In the case of the CyberSentry program that Thompson alluded to, a separate amendment would authorize the creation of a new program under the CBCA to more closely align business and government in the fight against cyber threats. More specifically, this would allow CISA to initiate voluntary partnerships with the owners and priority operators of industrial control systems (ICS), essentially creating a public-private partnership for the monitoring and detection of cyberthreats.
A third measure related to the broader NDAA was an amendment consisting of 19 pieces of legislation passed by the House. Each deals with improving homeland security, both through strengthening DHS itself, as well as related research and development efforts, cybersecurity and transportation security, etc.
These three amendments were sponsored in part by Thompson, although he was joined by a bipartisan collection of colleagues on individual measures. The cyber incident reporting measure and CyberSentry measures were also supported by US representatives Yvette Clarke (D-NY), John Katko (R-NY) and Andrew Garbarino (R-NY). General improvements in homeland security were supported by Thompson and Katko.
“Once enacted, CISA will be on track to get the information it needs to quickly identify malicious cyber campaigns, gain a better understanding of the cyber threat landscape, and be a better security partner for its critical infrastructure partners.” Thompson said.