
Cybersecurity Preparedness Act


Sheridan

Senator BARILLA, for himself, submits

A BILL

To reduce cyber threats to the United States government, and for other purposes

SECTION 1. SHORT TITLE.

(a) This bill may be cited as the “Cybersecurity Preparedness Act”. 

SEC. 2. INSIDER THREAT PROGRAM. 

(a) All agencies of the US federal government shall establish an Insider Threat Program to harden systems and train employees on insider threats to agency cybersecurity, including the threats of:

(1) rogue employees accessing or exfiltrating sensitive data;

(2) phishing, smishing, vishing, or other attempts to gain access to sensitive data;

(3) other social engineering attacks. 

(b) Insider Threat Programs shall include, at least:

(1) training of employees in how to identify insider threats, phishing attacks, and social engineering attacks;

(2) the use of automated scans to identify suspicious behavior or possible vulnerabilities;

(3) institution of policies on emailing agency data outside of the agency. 

SEC. 3. EXPEDITED CYBERSECURITY PROCUREMENT. 

(a) Any agency of the US federal government may make a direct, non-competitive award to any qualified cybersecurity vendor for the purpose of improving agency cybersecurity. 

(b) A “qualified cybersecurity vendor”, for purposes of this act, shall be defined as:

(1) any Federally Funded Research and Development Center (FFRDC);

(2) any private vendor designated as a “qualified cybersecurity vendor” by the Department of Homeland Security. 

SEC. 4. PROTECTING DIPLOMATS FROM SURVEILLANCE FROM CONSUMER DEVICES. 

(a) Policy On Location-Tracking Consumer Devices.—Not later than 60 days after the date of the enactment of this Act, the Secretary of State shall establish a policy on the use of location-tracking consumer devices, including GPS-enabled devices, at United States diplomatic and consular facilities by United States Government employees, contractors, locally employed staff, and members of other agencies deployed to or stationed at such facilities.

(b) Security Briefing.—Existing and new employees at United States diplomatic and consular facilities, including contractors, locally employed staff, and members of other agencies deployed to or stationed at such facilities, shall, as a part of the security briefings provided to such employees, be informed of the policy described in subsection (a) and given instructions on the use of location-tracking consumer devices both on and off the premises of such facilities.

(c) Coordination.—The Secretary of State shall coordinate with the heads of any other agencies whose employees are deployed to or stationed at United States diplomatic and consular facilities in the formulation of the policy described in subsection (a) and the dissemination of such policy pursuant to subsection (b).

(d) Report.—Not later than 30 days after the formulation of the policy described in subsection (a), the Secretary of State shall submit to the Committee on Foreign Affairs of the House of Representatives and the Committee on Foreign Relations of the Senate a report on the details of such policy.

SEC. 5. PUBLIC-PRIVATE CYBERSECURITY EXCHANGE PROGRAM. 

(a) Any agency of the US federal government shall be authorized to participate in a public-private cybersecurity exchange program. 

(b) A “public-private cybersecurity exchange program” shall be defined as a program where a government cybersecurity employee serves a rotation of up to 18 months working in a private sector entity, or where a private sector cybersecurity employee serves a rotation of up to 18 months working in a US government agency.

(c) The Office of Personnel Management shall enact streamlined processes for onboarding of private sector employees serving in government under this section, and shall serve as a clearinghouse for positions and openings under this program. 

SEC. 6. CYBERSECURITY EXPERT SIGNING BONUS. 

(a) Any agency of the US federal government shall be authorized to make a one-time “signing bonus” payment to any newly hired cybersecurity expert deemed highly qualified. Signing bonuses shall be capped at no more than 25% of an employee’s starting salary. 

(b) The sum of $200 million is hereby appropriated to the Office of the Director of National Intelligence for the purpose of funding such signing bonuses in US intelligence agencies. Such funding may be transferred by the office of the DNI to US intelligence agencies for the purpose of providing signing bonuses. 

SEC. 7. CYBERSECURITY GRANTS. 

(a) The sum of $500 million per year for each of the next four years is hereby appropriated to the Department of Homeland Security for the purposes of funding grants issued to state and local governments for the purpose of enhancing cybersecurity of state and local government agencies, or critical pieces of infrastructure.

(b) The sum of $500 million per year for each of the next four years is hereby appropriated to the Office of Justice Programs within the Department of Justice, for the purpose of funding grants to state and local law enforcement agencies for the purpose of enhancing the cybersecurity of state and local law enforcement. 

SEC. 8. ENACTMENT.

(a) This bill shall go into effect immediately upon Constitutional passage. 

Senator John Kadar (R-WV)


Archived

This topic is now archived and is closed to further replies.
