Peters & Portman Provision to Create Significant Incident Declaration for Major Cyber-Attacks Passes Senate as Part of Competitiveness Bill

WASHINGTON, D.C. – A provision authored by U.S. Senators Gary Peters (D-MI) and Rob Portman (R-OH), Chairman and Ranking Member of the Homeland Security and Governmental Affairs Committee, to increase our government’s ability to quickly respond to cyber-attacks passed the Senate as part of a larger package to boost American competitiveness on the global stage. The provision would provide additional resources and better coordination for serious cyber-attacks or breaches that risk the safety and security of Americans. American information networks have recently seen a significant rise in ransomware attacks, including dangerous breaches of a major oil pipeline, the New York City transportation system, and meatpacking centers across the nation.

The provision would help improve the federal response to cyber breaches, such as the recent attack against the Colonial Pipeline. The provision also establishes a Cyber Response and Recovery Fund for the Department of Homeland Security (DHS) and the Cybersecurity and Infrastructure Security Agency (CISA) to provide direct support to public or private entities as they respond to and recover from significant cyber-attacks and breaches, following a declaration of a significant incident by the Secretary of Homeland Security.

“Over the past few months, we have seen foreign adversaries and criminal organizations relentlessly attack American networks. As we saw from the recent attack against Colonial Pipeline – these breaches can have devastating effects on our daily lives,” said Senator Peters. “This bipartisan provision will help strengthen our response to online assaults from bad actors to ensure we are providing the public and private sector with the resources to recover from attacks and help protect our nation’s critical infrastructure. I look forward to seeing this important provision signed into law and will continue my efforts to bolster our nation’s cyber defenses.”

“Our nation is increasingly vulnerable to cyberattacks every day, as the Colonial Pipeline ransomware attack showed. Cyberattacks are getting worse and more frequent while the government and critical infrastructure are more dependent on information technology,” said Senator Portman. “Our legislation passed by the Senate will provide important emergency resources when major cyberattacks occur and overwhelm the organizations attacked.”                                            

The provision, which is based on the Cyber Response and Recovery Act, would create an authority for the Secretary of Homeland Security, in consultation with the National Cyber Director, to declare a Significant Incident in the event of an ongoing or imminent attack that would impact national security, economic security, or government operations. This declaration would empower CISA to coordinate federal and non-federal response efforts, and allow the Secretary access to a Cyber Response and Recovery Fund that would help support federal and non-federal entities impacted by the event. The provision would authorize $20 million over seven years for the fund and would require DHS to report to Congress on its use.