House passes several new bipartisan cybersecurity bills

The legislation takes a variety of approaches to beefing up the nation's digital defenses.
By Kat Jercich
01:17 PM

Committee on Homeland Security Chair Rep. Bennie Thompson

Photo: Congressman Bennie Thompson
AFGE/Wikimedia Commons, licensed under CC BY 2.0

The U.S. House of Representatives passed four bills this week aimed at bolstering cybersecurity efforts throughout the country.

The legislation takes a variety of approaches to strengthening public entities' response to cyber threats.   

"Cyber attacks have increased at a rapid pace this year and pose a persistent threat to our national security," said Committee on Homeland Security Chair Rep. Bennie Thompson, D-Miss., in a statement.  

"I look forward to working with the Senate to ensure these bills become law," he added.  

WHY IT MATTERS  

The four pieces of legislation were among more than a dozen homeland security bills passed by the House this week: HR 3138, HR 2980, HR 3223 and HR 1833.

The State and Local Cybersecurity Improvement Act (HR 3138) would authorize a new $500 million grant program to provide state, local, tribal and territorial governments with dedicated funding to secure their networks from ransomware and other cyberattacks.  

The Cybersecurity Vulnerability Remediation Act (HR 2980) aims to allow the Cybersecurity and Infrastructure Security Agency to assist critical infrastructure owners and operators with mitigation strategies against the most critical, known vulnerabilities.  

The CISA Cyber Exercise Act (HR 3233) establishes a National Cyber Exercise program within CISA to promote more regular testing and systemic assessments of preparedness and resilience to cyberattacks against critical infrastructure.  

The DHS Industrial Control Systems Capabilities Enhancement Act of 2021 (HR 1833) looks to improve CISA’s ability to detect and mitigate cyber threats and vulnerabilities to industrial control systems.   

It also would require CISA to maintain cross-sector incident response capabilities, provide technical assistance to stakeholders and collect, coordinate and provide vulnerability information about industrial control systems to stakeholders.

The legislation comes amidst the latest numbers from the Office of Civil Rights about healthcare breach reports. Although the bills would go beyond healthcare, the medical industry has been particularly vulnerable to ransomware attacks and other hacking incidents. According to HIPAA Journal, June saw an above-average 11% increase in reported breaches from the previous month.   

Over the last year, more than 40 million healthcare records have been exposed or disclosed to unauthorized parties.

THE LARGER TREND

In the wake of several high-profile cyberattacks, the federal government has taken steps to try and shore up the country's digital defenses. The Department of Justice, for example, has elevated its ransomware probes to terrorism-level priority.  

Meanwhile, President Joe Biden's administration has even invoked the threat of military action in addition to the executive branch's billion-dollar budgetary request toward beefing up the nation's anti-hacking muscles.  

ON THE RECORD  

"The State and Local Cybersecurity Improvement Act is an essential step to ensure our state and local governments are not left vulnerable to cyber attacks, and I am pleased that the House came together to pass this critical bipartisan legislation," said Thompson in a statement.  

"I am also glad the House also passed twelve other timely homeland security bills that are focused on helping DHS better meet its mission to address the myriad ... threats we face today," he added.

 

Kat Jercich is senior editor of Healthcare IT News.
Twitter: @kjercich
Email: kjercich@himss.org
Healthcare IT News is a HIMSS Media publication.

Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.