Bipartisan legislation has recently been introduced in the U.S. House of Representatives by Republican Congressman Dan Crenshaw of Texas and Democratic Representative Seth Magaziner.
The bill, known as the Contingency Plan for Critical Infrastructure Act, aims to create a public report that would help Congress assess the ability of critical infrastructure to operate manually during cyber-attacks. This legislative initiative highlights the growing concern over cyber threats from nations like China, Russia, Iran, and North Korea, as well as state-affiliated groups, which pose significant risks to national and economic security.
The bill has been referred to both the Committee on Homeland Security and the Committee on Transportation and Infrastructure. It calls for the director of the Cybersecurity and Infrastructure Security Agency (CISA), in cooperation with the Federal Emergency Management Agency (FEMA) and other relevant agencies, to conduct a thorough sector-by-sector assessment. This assessment would evaluate the National Cyber Incident Response Plan’s effectiveness in addressing risks to critical infrastructure, particularly its ability to switch to manual operations swiftly.
Additionally, the legislation would review CISA’s and FEMA’s capacities and obligations, including their ability to respond to cyber incidents and assist in maintaining essential operations. It also seeks to analyze the potential costs and challenges associated with requiring sectors to transition to manual operations during cyber incidents, considering financial, logistical, and operational impacts. The bill also proposes the development of policy recommendations to ensure continuous operation of critical infrastructure during widespread cyber events.
Moreover, the legislation mandates FEMA to update its planning considerations for cyber incidents to include best practices and guidelines for critical infrastructure personnel. It also outlines steps for infrastructure owners and operators to effectively respond to varying degrees of system degradation and provides guidelines on addressing cyber incidents affecting industrial control devices.
In statements, Congressman Crenshaw emphasized the paramount threat of cyber-attacks to America’s critical infrastructure, highlighting the need for more private sector involvement and a comprehensive assessment to bolster resilience against future cyber threats. Representative Magaziner stressed the importance of protecting infrastructure that Americans rely on, such as water, energy, transportation, and communications, from cyber-attacks.
FBI Director Christopher Wray also highlighted the threat from Chinese government-backed hackers earlier this year, underscoring the importance of preparing for and mitigating the effects of cyber-attacks on critical civilian infrastructure.
In related developments, members of the U.S. House Committee on Homeland Security have urged the Departments of Homeland Security and Energy to declassify information about national security threats posed by unmanned aerial systems from China, following reports from Sandia National Laboratories about the risks associated with drones from companies like DJI and Autel Robotics.
Source: industrialcyber.co
