By Cynthia Brumfield
CSO |
As the 117th Congress moves into summer, typically the time for legislative doldrums, it’s helpful to look back at recently enacted cybersecurity-related legislation and peer ahead to see what bills could become law before the end of the year. Since the beginning of the current Congress on January 3, 2021, at least 498 pieces of legislation have been introduced that deal in whole or part with cybersecurity.
Of these, only 13 have passed both chambers, and even fewer, nine so far, have become law with a presidential signature. However, many of the most meaningful cybersecurity government actions since this Congress began have stemmed not from legislation but from executive branch actions, most notably through President Biden’s sprawling cybersecurity executive order signed in May 2021.
The most noteworthy of the bills enacted since our last update on congressional activity in cybersecurity are:
Looking ahead, several pieces of cybersecurity legislation seem ripe for enactment.
Mark Montgomery, executive director of the CSC 2.0 Project, the successor to the influential Cyberspace Solarium Commission, shared his thoughts with CSO on what additional cybersecurity legislation he would like to see enacted in this year’s National Defense Authorization Act (NDAA), a late-year legislative vehicle that has often been used to accomplish cybersecurity objectives. His “big four” wish list for the NDAA, based on the original Solarium Commission’s recommendations, are:
Copyright © 2022 IDG Communications, Inc.
Copyright © 2022 IDG Communications, Inc.
