Representatives Abigail Spanberger (D-VA-07), John Katko (R-NY-24), and Andrew Garbarino (R-NY-02) co-introduced a bill directing the designation of systemically important critical infrastructure.
“Earlier this year, Central Virginia families and businesses felt the serious impacts of the cyberattack on the Colonial Pipeline. In our communities, we saw how critical infrastructure — such as the Colonial Pipeline — plays a fundamental role in our daily lives and in the day-to-day success of our regional economy,” Spanberger said in a Thursday press release.
“Even in the wake of recent cyberattacks on critical infrastructure, like the DarkSide attack on the Colonial Pipeline, the United States lacks a truly comprehensive understanding of what constitutes ‘systemically important critical infrastructure.’ As a result, the federal government does not have a formal process for identifying and strengthening protections for this subset of critical infrastructure that — if disrupted — would have a debilitating effect on America’s national security, economy, public health, or supply chains,” her release states.
The Securing Systemically Important Critical Infrastructure Act would require the Cybersecurity and Infrastructure Security Agency (CISA) to establish a process to designate that kind of infrastructure and give owners access to CISA resources including technical assistance and voluntary monitoring and detection programs.
Spanberger said, “Our bipartisan bill would help us identify the critical infrastructure that is particularly foundational and systemically important to our economy and national security, and it would help prioritize protecting these systemically important systems from the serious consequences cyberattacks can have on public safety and health, as well as on our supply chains.”
Katko, Ranking Member of the U.S. House Homeland Security Committee, said, “Our goal is to understand the single points of failure and layers of systemic risk in our economy, because if everything is critical, nothing is. This effort is complementary to bipartisan incident reporting legislation that recently passed the House.”
The National Defense Authorization Act (NDAA), passed in by the House in September to continue funding the military, included multiple amendments expanding CISA’s oversight authority of critical infrastructure. One amendment would create a Cyber Incident Review Office, and require certain entities to submit reports about incidents in their systems. The NDAA for Fiscal Year 2022 still needs approval by the Senate, and amendments in the two chambers may not survive the process of getting both bills to match.
“The U.S. intelligence community has confirmed that foreign adversaries like Russia, China, Iran, and North Korea currently have the capability to launch cyber attacks against our nation’s critical infrastructure,” Garbarino said. “The threat is real and must be met with practical mitigation measures.”
Eric Burk is a reporter at The Virginia Star and The Star News Network. Email tips to [email protected].
Photo “Abigail Spanberger” by Congresswoman Abigail Spanberger. Photo “John Katko” by Congressman John Katko. Photo “Andrew Garbarino” by Andrew Garbarino. Background Photo “Gov. Wolf Continues Effort to Secure Critical Infrastructure Funding” by Governor Tom Wolf. CC BY 2.0.