The Department of Homeland Security’s ability to respond to requests from foreign countries for cybersecurity assistance could be delayed under current authority.
According to Sen. Gary Peters’ office, it took weeks for DHS to provide support for Ukraine following Russia’s invasion.
The department and its Cybersecurity and Infrastructure Security Agency (CISA) are authorized under the Michigan Democrat’s proposed DHS International Cyber Partner Act to assign staff to foreign locations to provide assistance and expertise to foreign governments and international organizations on cybersecurity. International partners can also participate in existing cybersecurity programs to help protect critical infrastructure in the U.S.
The international partnership authorization is among three cybersecurity bills introduced by Peters that were approved by the Senate Homeland Security and Governmental Affairs Committee, which now head to the full Senate.
In addition to the DHS International Cyber Partner Act, the two other bills direct CISA to work with domestic agencies to promote cybersecurity awareness and develop a comprehensive strategy for developing cybersecurity workforces for rural hospitals.
“Foreign adversaries and cybercriminals continue to target essential networks here at home and around the world. It’s clear our government must lead the world in identifying threats and working to address network vulnerabilities so we can prevent disruptive attacks,” Peters in a statement. “These bipartisan bills will help ensure American communities, as well as our international partners and allies have access to cybersecurity support they need to fight back against these threats.”
While October has been known as Cybersecurity Awareness Month since 2004, the Cybersecurity Awareness Act requires CISA to develop a year-round campaign to inform the public of best practices and how to mitigate cybersecurity risks. CISA is also required to consult and promote cybersecurity awareness with state, local, tribal and nonprofit entities, as well as universities, as well as communicating accurate and timely information with other federal agencies.
Finally, the Rural Hospital Cybersecurity Enhancement Act requires the CISA director to develop a comprehensive workforce development strategy for cybersecurity at rural hospitals, which often lack the resources and staff needed to secure their systems from cyberattack. The bill stated that DHS and CISA may consult with the secretaries of Health and Human Services, Education, and Labor to develop the workforce strategy.
