Today, the Committee on Homeland Security favorably reported seven bipartisan homeland security bills, including critical legislation to enhance pipeline security in light of the Colonial Pipeline ransomware attack that caused 5,500 miles of gas pipeline to shut down for days. Other measures passed in today’s markup include bills to help State and Local governments protect their networks, provide critical infrastructure owners and operators with mitigation strategies against critical vulnerabilities, and establish a national cyber exercise program to promote more regular testing of preparedness and resilience to cyber attacks against critical infrastructure.
“The Colonial Pipeline ransomware attack that shutdown one our nation’s largest pipelines and triggered fuel shortages across the northeast has brought new urgency to our work to protect the country’s critical infrastructure. This attack also follows a string of disturbing cyber attacks against government entities and the private sector – from SolarWinds and Pulse Connect Secure to Microsoft Exchange Server and the Oldsmar Water facility. Since the beginning of this Congress, this Committee has engaged in extensive oversight of these events and how the Federal government partners with others to defend our networks,” said Chairman Thompson. “The legislation we reported today was the result of this oversight. I am pleased that they received broad bipartisan support and hope they are considered on the House floor in short order.”
The seven bipartisan bills are:
The “Pipeline Security Act” (H.R. 3243) was introduced by Congressman Emanuel Cleaver (D-MO). This bill will enhance the ability of TSA—the principal Federal entity responsible for pipeline security—to guard pipeline systems against cyberattacks, terrorist attacks, and other threats. This measure codifies TSA’s Pipeline Security Section and clarifies TSA’s statutory mandate to protect pipeline infrastructure.
The “State and Local Cybersecurity Improvement Act” (H.R. 3138) was introduced by Congresswoman Yvette D. Clarke (D-NY). This bill seeks to authorize a new $500 million grant program to provide State and local, Tribal, and Territorial governments with dedicated funding to secure their networks from ransomware and other cyber attacks.
The “Cybersecurity Vulnerability Remediation Act” (H.R. 2980) was introduced by Congresswoman Sheila Jackson Lee (D-TX). This bill would authorize CISA to assist critical infrastructure owners and operators with mitigation strategies against the most critical, known vulnerabilities.
The “CISA Cyber Exercise Act” (H.R. 3223) was introduced by Congresswoman Elissa Slotkin (D-MI). This bill establishes a National Cyber Exercise program within CISA to promote more regular testing and systemic assessments of preparedness and resilience to cyber attacks against critical infrastructure.
The “DHS Blue Campaign Enhancement Act” (H.R. 2795) was introduced by Congressman Peter Meijer (R-MI). This bill strengthens the DHS Blue Campaign and enhances the availability of human trafficking prevention training opportunities and the development of such trainings and materials.
The “DHS Medical Countermeasures Act” (H.R. 3263) was introduced by Congresswoman Mariannette Miller Meeks (R-IA). This bill would establish a medical countermeasures program to support DHS mission continuity and facilitate the readiness and resilience in the event of a chemical, biological, radiological, nuclear, or explosives attack, naturally occurring disease outbreak, or pandemic.
The “Domains Critical to Homeland Security Act” (H.R. 3264) was introduced by Ranking Member John Katko (R-NY). This bill authorizes DHS to conduct research and development into supply chain risks for critical domains of the United States economy and transmit the results to Congress.