House OKs bills on federal cyber policies, tees up more

The House on Monday easily passed a pair of cybersecurity measures, including a bill that would require the Department of Homeland Security to review its incident response plans and submit a report outlining the specific roles of federal agencies.

Lawmakers approved the DHS Roles and Responsibilities in Cyber Space Act, 313-105. The measure, introduced by Rep. Don Bacon (R-Neb.), came in the wake of last year’s ransomware attacks on the Colonial Pipeline and the meat processing giant JBS — events that prompted lawmakers to reassess digital authorities across several federal entities.

“The federal response to these cyber incidents was inadequate and exposed gaps and confusion in how we defend our critical infrastructure,” Bacon said in a statement. “It’s clear that our cyber incident response framework must evolve to match the threat.”

The House also voted 386-31 in favor of a measure that would enshrine the Cybersecurity and Infrastructure Security Agency’s annual President’s Cup Cybersecurity Competition into law. The DHS cyber wing has conducted the event since 2019, giving monetary awards to winning participants.

“By incentivizing cybersecurity in the federal government, we are strengthening our cyber infrastructure while investing in our federal workforce and improving their capabilities to defend our nation,” Rep. Elaine Luria (D-Va.), the bill’s sponsor, said in a statement.

The House is set to take up more cybersecurity measures as soon as Wednesday.

Lawmakers will vote on a Senate-approved measure, dubbed the State and Local Government Cybersecurity Act, that would allow the federal government to conduct cybersecurity exercises with state and local entities and provide them access to technical tools and other assistance. 

It would also let federal officials coordinate with state, local, tribal and territorial entities to establish vulnerability disclosure programs, information sharing efforts and improvements to election security infrastructure.

House members will also weigh in on the Cybersecurity Grants for Schools Act of 2022, which would allocate federal grants to state governments to provide a stronger cybersecurity curriculum to students.

The bill by Rep. Andrew Garbarino of New York, the top Republican on the House Homeland Security Cybersecurity Subcommittee, would require CISA to distribute federal funding to state and local schools, as well as financial aid to nonprofits, to better educate the public about the cybersecurity threat landscape — an effort that could bolster the federal government’s ongoing warnings about the digital dangers posed by Russia and China.