The House has passed – by a voice vote – legislation to give the Homeland Security’s Cybersecurity and Infrastructure Security Agency more teeth in working with the public and private sector to tackle the most critical cyber vulnerabilities.
H.R. 3710, the Cybersecurity Vulnerability Remediation Act, sponsored by Rep. Sheila Jackson Lee (D-TX), would state that “the director may, as appropriate, identify, develop, and disseminate actionable protocols to mitigate cybersecurity vulnerabilities, including in circumstances in which such vulnerabilities exist because software or hardware is no longer supported by a vendor.”
CISA would have a year to submit to Congressional committees “a report on how the Agency carries out subsection (m) of section 2209 of the Homeland Security Act of 2002 to coordinate vulnerability disclosures, including disclosures of cybersecurity vulnerabilities (as such term is defined in such section), and subsection (n) of such section (as added by section 2) to disseminate actionable protocols to mitigate cybersecurity vulnerabilities.”