Legislative Activity

Senate is Likely to Consider Cybersecurity Legislation Before August Recess

Once it completes its work on surface transportation reauthorization legislation, the Senate has indicated that it plans to consider the Cybersecurity Information Sharing Act (CISA/S. 754) on the Senate floor before it leaves for recess, which is scheduled to begin on August 7. It is likely that Senators will introduce a number of amendments to the legislation when it hits the floor, including amendments that would seek to create data breach notification standards, to expand the privacy protections in the bill, and to update federal cybersecurity efforts, particularly in light of the Office of Personnel Management data breach.

Last week, Senate Homeland Security and Governmental Affairs Chairman Ron Johnson (R-WI) and Ranking Member Tom Carper (D-DE) announced that they would mark up a bill on Wednesday that would accelerate the deployment of the Department of Homeland Security’s cybersecurity program, EINSTIEN 3, to all federal agencies. Additionally, Senator Susan Collins (R-ME), along with a bipartisan group of Senators, also announced last week that they were introducing a separate bill – the FISMA Reform Act of 2015 – to strengthen the cyber defense posture of federal networks by updating the Federal Information Security Modernization Act that was signed into law last year. Both of these bills are likely to be offered as amendments to the Cybersecurity Information Sharing Act.

While the timing for consideration of CISA has not been made official to date, Senate Majority Leader Mitch McConnell (R-KY) is currently assessing how much time will be needed to consider the bill on the floor, as well as the potential for a number of controversial amendments that could take up significant floor time. A number of stakeholders, including the U.S. Chamber of Commerce and the Information Technology Industry Council, have indicated that they will include the vote on CISA as a key vote on their scorecards.

The House previously passed two information sharing bills: the Protecting Cyber Networks Act (H.R. 1560) and the National Cybersecurity Protection Advancement Act (H.R. 1731) in April. These bills were combined after passage and will have to be conferenced with CISA once it is passed by the Senate.

This Week’s Hearings:

• Tuesday, July 28: The House Homeland Security Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies will hold a hearing titled “Promoting and Incentivizing Cybersecurity Best Practices.”

• Wednesday, July 29: The Senate Homeland Security and Governmental Affairs Committee will mark up a number of homeland security bills including the Critical Infrastructure Protection Act of 2015 and the EINSTEIN Act of 2015.

• Thursday, July 30: The House Permanent Select Committee on Intelligence will hold a hearing titled “World Wide Cyber Threats.”