White House Signs Two Bills to Bolster Cybersecurity

President Joe Biden signed two cybersecurity bills into law this week, which are designed to bolster defences for federal, state, and local government.

The bills have been introduced following a continued rise in cyberattacks, with government entities in particular coming under threat.

Major reform has been on the agenda since the SolarWinds hack in 2021, in which Russian agents compromised nine federal agencies and at least 100 private sector groups. A few months later, Colonial Pipeline was hit by a devastating ransomware attack that shut off gas supplies along the East Coast, creating disruption for millions of Americans.

Both of President Biden’s new bills were sponsored by Democrat and Republican representatives, demonstrating that cybersecurity is a bipartisan issue.

What are the bills?

A White House press release described the two bills. The Federal Rotational Cyber Workforce Program Act of 2021 (Bill S. 1097) establishes a system of responsibility within the Federal Cyber Workforce.

The workforce is a “diverse group of practitioners who govern, design, defend, analyze, administer, operate, and maintain our nation’s data, systems and networks,” the CIO Council explains

The law establishes that “certain federal employees may be detailed among rotational cyber workforce positions at other agencies”. It also authorizes agencies to determine which employees are eligible for the program. 

Meanwhile, the State and Local Government Cybersecurity Act of 2021 (Bill S. 2520) introduces new rules requiring the Department of Homeland Security to increase its collaboration with state, local, tribal, and territorial entities when addressing cybersecurity threats.

The department must also work with corporations, associations, and the general public to identify and mitigate risks.

Additionally, the law requires the National Cybersecurity and Communications Integration Center to provide training, conduct exercises, and promote cybersecurity education and awareness across all lower levels of government.

Next steps

These bills are the latest in a series of efforts made by the Biden administration to bolster cybersecurity. The President recently oversaw the creation of a cybersecurity bureau and cybersecurity review board, and last year he signed an executive order to improve cybersecurity practices.

Chris Wysopal, the chief technology officer and co-founder of the cybersecurity company Veracode, called the executive order “surprisingly expansive”, and praised the addition of an oversight board.

According to Wysopal, it will help organizations learn from cybersecurity incidents and maintain the privacy of cyber victims. “It’s aggressive. It’s serious. And I think it’s long overdue,” he added.

Although government support is crucial in tackling the threat of cyber crime, organizations must also remember their obligations for protecting their systems.

It’s one thing to perform functions to meet government guidelines but something else to recognize the cybersecurity threats you face and the damage they can cause.

For those who want to better understand the ways they can mitigate cyber threats, IT Governance USA can help.

Our Cybersecurity Complete E-Learning Suite contains all four of our e-learning programs, which when combined with your continual awareness campaign will boost your employees’ understanding of a range of topics.

And as an annual package, you can roll courses out throughout the year to keep staff awareness as a central part of your business while avoiding the risk of overloading employees with too much training in one go.

Leave a Reply