A slew of new bills, ranging from heightened cybersecurity measures to agency relocations, are making their way through Congress. If passed, these pieces of legislation will have wide-reaching impacts on a number of different federal players, whether the Office of Management and Budget, the National Science Foundation or third-party vendors. Bolstering vendor cybersecurity One bill, introduced by Rep. Ted Lieu (D-Calif.), would require government contractors to maintain vulnerability disclosure policies in light of...
A slew of new bills, ranging from heightened cybersecurity measures to agency relocations, are making their way through Congress. If passed, these pieces of legislation will have wide-reaching impacts on a number of different federal players, whether the Office of Management and Budget, the National Science Foundation or third-party vendors.
Bolstering vendor cybersecurity
One bill, introduced by Rep. Ted Lieu (D-Calif.), would require government contractors to maintain vulnerability disclosure policies in light of recent cyberattacks, such as the ransomware attack on meat supplier JBS USA.
The Department of Homeland Security issued a directive in 2020 that pushed agencies to publish VDPs — which allow ethical hackers to detect security risks and report them to an organization — but contractors are not required to do the same. This new bill, called the Improving Contractor Cybersecurity Act, is meant to help prevent breaches within these vendors’ networks.
“There is no reason government contractors shouldn’t also be asked to maintain vulnerability disclosure policies, given the complex web of third-party vendors on which the United States relies,” said Lieu.
Chris Painter, former State Department coordinator for cyber issues under President Barack Obama, additionally voiced his support for the legislation in a press release.
“Vulnerability discovery and responsible disclosure of the kind championed by this bill is a foundational part of a more secure cyber ecosystem and helping to prevent malicious actor’s exploiting our government and private sector systems,” Painter said.
Executive agencies to relocate outside of Washington
Rep. Tim Ryan (D-Ohio) introduced the Federal Government Decentralization Commission Act. The bill would establish a commission within the General Services Administration to study the relocation of some agencies outside of the Washington metropolitan area and make recommendations to Congress on its findings.
The Federal Government Decentralization Commission would consist of 10 members appointed by the Senate majority and minority leaders, the Speaker of the House, the minority leader of the House and the GSA administrator, who would serve as the commission’s chairperson.
If the legislation gets passed, the commission will have two years to submit to Congress a plan for the relocations, along with an economic and workforce development study on the proposed areas. The plan will focus on relocations to low-income communities or areas best suited for the executive agency.
“Our government belongs to all Americans, and communities across the United States should be able to benefit from the economic boost these employment centers could bring, especially to economically distressed places,” said Ryan.
Cybersecurity grants for state, local governments
The House Homeland Security Committee presented an amendment to the Homeland Security Act of 2002, which would allow state and local governments to receive cybersecurity grants. Rep. Yvette Clarke (D-N.Y.), chairwoman of the Homeland Security Committee’s cybersecurity panel, introduced the bill, titled the State and Local Cybersecurity Improvement Act.
Under the bill’s provisions, states and other local entities can apply to a $500 million annual cybersecurity grant program administered by the Department of Homeland Security. DHS’s Cybersecurity and Infrastructure Security Agency additionally will work with state and local governments to develop a cybersecurity improvement guide.
A version of this act passed the House during Congress’ last session, but it failed to pass through the Senate. The bill’s sponsors said this piece of legislation is urgent in the aftermath of recent cybersecurity attacks.
“In the decade since I first chaired the cybersecurity subcommittee, the number of cases and the financial impact of ransomware have skyrocketed. These attacks are more than a mere inconvenience — they are a national security threat,” Clarke said in a release.
Agency budgets, spending made publicly available
The Senate Homeland Security and Governmental Affairs Committee brought forward a bill that would require all agencies’ budget justifications and appropriation requests be made public. Dubbed the Congressional Budget Justification Transparency Act of 2021, the legislation is an amendment to the Federal Funding Accountability and Transparency Act of 2006, which mandated that all entities receiving federal funds be disclosed.
With the passage of this bill, agencies will publish justifications for their budget requests on a centralized, searchable website, in addition to the agency’s own website.
“Hardworking Americans everywhere deserve to know how their tax dollars are being spent, but budget justifications are often difficult to find or concealed from the public completely,” said Sen. Gary Peters (D-Mich.), the bill’s lead sponsor and chairman of the Homeland Security and Governmental Affairs Committee.
The Office of Management and Budget will coordinate the publishing of each agency’s budget justifications — an effort that will cost less than $500,000 over the 2021-2026 period.
OMB, however, stated that the bill’s passage could affect the direct spending of agencies that use fees and other collections to cover operating costs. The net change in spending, though, would be negligible with adjustments to the amount collected by these agencies, OMB estimated.
National Science Foundation to receive funds, leadership
A new bill currently in the Senate, known as the Endless Frontier Act, would establish a directorate for technology and innovation in the National Science Foundation, in addition to various programs related to economic security, research, job creation and supply chain resiliency.
With a new directorate, NSF would have its own independent funding stream aimed toward research for certain technologies like quantum computing, biotechnology and advanced communication.
“This legislation will enhance American competitiveness with China and other countries by investing in American innovation, building up regions across the country to lead in the innovation economy, creating good-paying American manufacturing and high-tech jobs, and strengthening America’s research, development and manufacturing capabilities,” said Majority Leader Chuck Schumer (D-N.Y.), the bill’s lead sponsor.
The Office of Science and Technology would be responsible for developing a strategy each year for the government to enhance its national competitiveness in science, research and innovation. The Department of Commerce, meanwhile, would assist NSF in its supply chain gaps and would award grants to advance technological development and implementation strategies.
After the relocation gutted their workforces, USDA research agencies struggle to rebuild