The House Passed Four Cybersecurity Bills — What Do They Mean?

Cyberattacks and cybersecurity vulnerabilities made news headlines multiple times in 2021. From the Colonial Pipeline breach to the JBS breach to the University of California Schools ransomware attack, and many others (unfortunately). Cyber attacks have been on the rise, and the likelihood of them slowing down is pretty slim. The good news (yeah, that is odd to say) is that the U.S. Government has taken notice of the influx of attacks and has taken action.

In late July 2021, the U.S. House of Representatives passed several bills focused on cybersecurity, and it looks like there may be more in the works. The four that passed in July are as follows:

The State and Local Cybersecurity Improvement Act (HR 3138) would authorize a new $500 million grant program to provide state, local, tribal and territorial governments with dedicated funding to secure their networks from ransomware and other cyberattacks.

The Cybersecurity Vulnerability Remediation Act (HR 2980) aims to allow the Cybersecurity and Infrastructure Security Agency (CISA) to assist critical infrastructure owners and operators with mitigation strategies against the most critical, known vulnerabilities.

The CISA Cyber Exercise Act (HR 3233) establishes a National Cyber Exercise program within CISA to promote more regular testing and systemic assessments of preparedness and resilience to cyberattacks against critical infrastructure.

The DHS Industrial Control Systems Capabilities Enhancement Act of 2021 (HR 1833) looks to improve CISA’s ability to detect and mitigate cyber threats and vulnerabilities to industrial control systems.

While Bills and Acts tend to sound a lot like “corporate speak”, these Bills hold real value for businesses and individuals. Cyberattacks impact all of us, even though they may seem like they do not. For example, the Colonial Pipeline breach took down the largest fuel pipeline in the United States, leading to fuel shortages across the East Coast. Those that live along the East Coast felt the impacts pretty quickly, as did the many businesses located in these States. Those not living on the East Coast waited to see if the shortages would impact them as well and/or how their business partners in those areas would work through the issues. But beyond that, it caused a slight (perhaps more than slight) panic throughout the United States — if it could happen to the largest pipeline, where else could a cyberattack happen?

That’s why Bills like those passed by the U.S. House of Representatives are important. They provide funds and people-power to secure networks, determine mitigation strategies and allow for more testing at the Government, critical infrastructure, and industrial control systems levels. More than that, they signal the importance of cybersecurity on a national level. This type of signal can help pave the way for businesses to get even more serious about cybersecurity. It can also help nudge those who may not see the benefit of spending a budget on cybersecurity, to change their minds.

While it’s hard to predict what will come next, an emphasis on cybersecurity by the House and Senate is unlikely to dissipate. Instead, it will likely continue to stay at the forefront of their minds. And we encourage business owners to keep cybersecurity on the forefront of their minds as well. Stay up-to-date on cybersecurity trends by reading the Intivix blog, work with a strong IT Managed Service Provider with expertise in cybersecurity and disaster recovery, and keep employees in the loop on how they can help prevent cyber-crimes. If we’ve learned anything from the cyber-attack news headlines of the past year, it’s that we need to continue to focus on cybersecurity because hackers are definitely not slowing down on their attacks.

If you’re interested in enhancing your cybersecurity efforts, consider contacting Intivix. We’ve worked with multiple organizations to develop a cybersecurity plan, mitigate situations and build appropriate disaster recovery and business continuity plans.