Earlier this month, Rep Jackson-Lee introduced HR 285,
the bill would amend 6 USC 659 to
allow the National Cybersecurity and Communications Integration Center
(NCCIC) to “identify, develop, and disseminate actionable protocols to mitigate
cybersecurity vulnerabilities”. A report to Congress is also required. No
funding is authorized in this bill. The language is very similar to the version
2980 that was passed in the House last session.
Jackson-Lee has not yet been assigned to any committees.
This means that it is too early to tell if she will have sufficient influence
to see the bill considered by the House Homeland Security Committee to which
this bill was assigned for consideration. The bill would receive significant
bipartisan support were it considered by the Committee and would again probably
move to the floor of the House under the suspension of the rules process.
The development of remediation protocols authorized by this
bill is another example of Congress authorizing actions already being taken by
CISA. This is, however, going to become more important because of changes made
to the House rules for the consideration of spending bills. H
Res 5 provides a point of order rule for spending bills to call out “for an
expenditure not previously authorized by law”. It is unlikely that this
particular activity by CISA would be the subject of a point of order objection,
but it remains a possibility.
For more details about the provision of this bill, including
differences from the previous version, see my article at CFSN Detailed Analysis
– https://patrickcoyle.substack.com/p/hr-285-introduced –