Critical infrastructure
cybersecurity
Senators Introduce Bill Expanding DHS Duties in Critical Infrastructure Cybersecurity
Senators have introduced legislation that would expand the Department of Homeland Security’s responsibilities in protecting critical infrastructure from cyberattacks.
The DHS Industrial Control Systems Capabilities Enhancement Act would put the Cybersecurity and Infrastructure Security Agency in charge of providing cybersecurity assistance to critical infrastructure organizations, The Hill reported.
CISA would also be tasked with leading efforts to understand threats against industrial control systems, integrated hardware and software designed to control machines and devices in industrial environments.
Because such systems often support critical infrastructure, they cannot easily be shut down for security updates. Industrial control systems also often do not have enough computing resources to run anti-malware software, according to a TechTarget article.
The bill was introduced following a series of high-profile advanced persistent attacks and ransomware attacks against American companies and government agencies.
Among the most recent is the ransomware attack on Florida-based information technology company Kaseya. Some sources labeled the hack as the worst of its kind to date because of the number of organizations affected, The Guardian reported.
Sen. Gary Peters, chairman of the Senate Homeland Security Committee, said the new “commonsense” bill will help address vulnerabilities in the products and technologies used to operate critical infrastructure.
“It is essential we work to protect these networks from attacks that can lead to significant harm to the American people,” Peters added.
The bill’s sponsors include Sens. Peters, Rob Portman and Mark Warner and Rep. John Katko.
The House of Representatives has already passed its version of the bill, which was pushed by a group of sponsors led by Katko, The Hill reported.
Category: Cybersecurity