The Strengthening VA Cybersecurity Act would give the secretary of Veterans Affairs two months to contract with a federally funded research and development center for an independent cyber audit.
CISA director calls legislation to compel companies to report incidents within 72 hours of experiencing a cyberattack and within 24 hours of making a ransom payment a "game changer."
FBI Director Christopher Wray supported the concept of mandatory reporting as part of the Cyber Incident Reporting Act, but argued the law enforcement agency should receive it in real time.
The Senate unanimously passed the Strengthening American Cybersecurity Act, which requires critical infrastructure entities to report hacking incidents to the federal government, and updates the government’s information security hierarchy, among other requirements.
The bill, among other things, would fund security enhancements to critical and emerging technology, tweak authorities that empower NIST to offer cybersecurity expertise and guidance around a range of issues, and establish a data initiative to measure the cybersecurity workforce as both governments and industries deal with a shortage of qualified cybersecurity employees.
The America COMPETES Act, released Tuesday by House Speaker Nancy Pelosi, D-Calif., includes $52 billion in financial incentives to entice semiconductor manufacturers to set up shop in the United States.
A law originally designed to push IT modernization in the federal government should be used to evaluate how agencies are meeting a number of government-wide cybersecurity goals, from modernization and supply chain threats to implementing post-quantum encryption protocols, experts told Congress.
