U.S. Sens. Susan Collins (R-ME), Gary Peters (D-MI), Rob Portman (R-OH), and Mark Warner (D-VA) introduced this week an annual defense authorization bill amendment that focuses on bolstering cybersecurity.
The Cyber Incident Reporting Act and Federal Information Security Modernization Act of 2021 revision requires critical infrastructure owners, operators, and civilian federal agencies to report cyberattacks to the Cybersecurity and Infrastructure Security Agency (CISA).
“Having a clear view of the dangers the nation faces from cyberattacks is necessary to prioritizing and acting to mitigate and reduce the threat,” Collins said. “My 2012 bill would have led to improved information sharing with the federal government that likely would have reduced the impact of cyber incidents on both the government and the private sector. Failure to enact a robust cyber incident notification requirement will only give our adversaries more opportunity to gather intelligence on our government, steal intellectual property from our companies and harm our critical infrastructure.”
The amendment additionally seeks to update federal government cybersecurity laws to improve coordination between federal agencies while encouraging a risk-based approach to security and providing additional authorities to CISA to ensure the agency is the lead entity in charge of responding to cybersecurity incidents in federal civilian networks.