WASHINGTON, D.C. – Three bipartisan bills authored by U.S. Senator Gary Peters (D-MI) to help address persistent and evolving cybersecurity threats have advanced in the Senate. The bills will strengthen American cybersecurity partnerships with international partners and allies, increase outreach to communities on how they can protect themselves from cyber-attacks, and help rural hospitals improve their cybersecurity. The bills were approved by the Senate Homeland Security and Governmental Affairs Committee, where Peters serves as Chair. They now move to the full Senate for consideration.
“Foreign adversaries and cybercriminals continue to target essential networks here at home and around the world. It’s clear the our government must lead the world in identifying threats and working to address network vulnerabilities so we can prevent disruptive attacks,” said Senator Peters. “These bipartisan bills will help ensure American communities, as well as our international partners and allies have access to cybersecurity support they need to fight back against these threats.”
Current authorities can delay DHS’ ability to quickly respond when foreign countries request cybersecurity assistance from the United States. For example, at the start of the Russian invasion of Ukraine, it took weeks for DHS to provide requested support for cybersecurity defenses. The DHS International Cyber Partner Actwould authorize DHS and CISA to assign personnel to foreign locations and provide assistance and expertise to foreign governments and international organizations on cybersecurity and other homeland security efforts. The bill also allows CISA to include international partners in existing cybersecurity programs that help protect critical infrastructure systems that could disrupt America’s national and economic security if breached.
Since 2004, the President and Congress have declared October as Cybersecurity Awareness Month, during which the government and industry lead a collaborative effort to raise cybersecurity awareness nationally as threats to technology and confidential data become more frequent. The Cybersecurity Awareness Act would direct CISA to develop a year-round campaign that informs the public about best practices on how to prevent cyber-attacks and mitigate cybersecurity risks. The bill would require CISA to also consult with private sector entities, state, local, Tribal, and territorial (SLTT) governments, nonprofits, and universities to promote cybersecurity awareness, including on how to effectively communicate awareness. The legislation would also require CISA to coordinate with other federal agencies and departments to ensure the federal government is communicating accurate and timely information. Finally, the bill would require CISA to ensure campaign resources are publicly available online and regularly updated.
Rural hospitals often lack the resources and staff needed to secure their systems from cyber-attacks. Network breaches on these health care providers have the potential to compromise sensitive medical information and even disrupt patient care. Peters helped introduce the Rural Hospital Cybersecurity Enhancement Act which would require the CISA Director to develop a comprehensive rural hospital cybersecurity workforce development strategy that considers public-private partnerships, development of curricula and training resources, and policy recommendations. It also requires CISA to make cybersecurity training resources available to rural hospital systems.
As Chairman of the Homeland Security and Governmental Affairs Committee, Peters has led efforts to ensure our nation is better prepared to defend against cyber-attacks. His historic, bipartisan provision to require critical infrastructure owners and operators to report to CISA if they experience a substantial cyber-attack or if they make a ransomware payment was signed into law. Peters’ bipartisan bill to enhance cybersecurity assistance to K-12 educational institutions across the country was also signed into law. Peters’ bipartisan bills to bolster cybersecurity for state and local governments, strengthen the federal cybersecurity workforce, and help secure federal information technology supply chains have been signed into law.