Citing risks highlighted by a recent security breach aimed at Target customers, a House Homeland Security subcommittee easily advanced bipartisan critical infrastructure cybersecurity legislation last week. The Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies approved H.R. 3696, the “National Cybersecurity and Critical Infrastructure Protection (NCCIP) Act,” by voice vote after adopting several minor amendments. Supported by leading Republicans and Democrats on the Homeland Security Committee, the bill would formalize information-sharing agreements between the federal government and critical infrastructure operators and encourage industries to develop cybersecurity best practice guidelines for the respective sectors.
The panel only made minor changes to the bill during the markup, such as clarifying that DHS may provide cybersecurity assistance to a critical infrastructure owner or operator only following a request from that entity. Sponsors of the bill have stressed that it is not designed to impose new binding regulations on any critical infrastructure sector.