The Senate passed bill H.R.7327, the SECURE Technology Act, which contains a provision to set up a pilot bug bounty program for the Department of Homeland Security.
The bill was introduced in the House of Representatives byRep. Will Hurd, R-Texas., on December 19 passing the same day. It then proceeded to the Senate where on December 20 it passed without amendment by unanimous consent. It was co-sponsored by Reps. Kevin McCarthy, R, CA John Ratcliffe, R-Texas, James Langevin, D-RI., Filemon Vela, Filemon, D-Texas, and Ted Lieu, D-CA.
“The SECURE Technology Act ensures that our federal agencies can better mitigate the risks to our networks and supply chains. I’m proud that my colleagues and I came together to support this bipartisan initiative to keep Americans safe across the finish line, and I’ll continue to do all that I can to deliver real results back home,” Hurd said in a statement.
Federal level bug bounty programs are not new. The Pentagon, Army, Air Force and Marines have all sponsored similar programs, but if signed by President Trump H.R. 7327 will codify the practice and require how the DHS and individuals, organizations, and companies may operate to discover and report security vulnerabilities.
“By sending this bill to the President’s desk, Congress is signaling that it takes our government’s cybersecurity seriously. Bug bounty programs have proven to be critical to enhancing cybersecurity protections in the private sector and at the Pentagon. Expanding this program to DHS proceeded to our nation’s defenses against cyber security attacks, “ Lieu said.