Senate Leaders Introduce Bill to Clarify Agencies’ Role in Cyberattack Reporting

The leaders of the Senate Homeland Security and Governmental Affairs Committee introduced a piece of legislation on Monday that would clarify cyberattack reporting requirements for government agencies. The bill, which was introduced by committee Chairman Gary Peters and ranking member Rob Portman, would update the Federal Information Security Modernization Act.

The bill would require government organizations to report cyber incidents to Congress and the Cybersecurity and Infrastructure Security Agency. It would also require the Office of Management and Budget to develop guidance to help agencies create the best funding plan for cybersecurity projects and improve overall federal cybersecurity, The Hill reported.

According to Sen. Peters, online threats have evolved since Congress last addressed the issue, and at that time, CISA had not yet been established. The bill would improve network security, update cyber incident reporting and prevent hackers from gaining access to systems, Peters said.

Sen. Portman also noted that according to two separate reports, government agencies are not prepared to address sophisticated and determined threat actors. He added that such shortcomings compromise the safety of Americans’ personal data.

The two senators have also urged their colleagues to support bipartisan cybersecurity initiatives following a spate of attacks that affected U.S. entities. One of the cyberattacks that prompted a greater focus in cybersecurity is the 2020 SolarWinds Orion incident, which compromised the systems of at least nine government agencies. The hack was linked to Russian actors.

Earlier this year, the Colonial Pipeline attack took place. The infiltration resulted in the U.S. fuel supply chain being compromised.