The House Committee on Homeland Security approved two cybersecurity-focused bills – the K-12 Cybersecurity Act and the DHS Software Supply Chain Risk Management Act of 2021 – during a markup on July 28. The two bills will now head to the full House for consideration.
The K-12 Cybersecurity Act, introduced by Rep. Jim Langevin, D-R.I., would direct the Cybersecurity and Infrastructure Security Agency (CISA) “to collaborate with teachers, school administrators, other Federal agencies, and private sector organizations to conduct a study of the cybersecurity risks facing K-12 educational institutions,” according to a press release.
This bill comes during a critical time, as a recent report from Sophos found that ransomware attacks against the education sector hit an all-time high in 2020 – 44 percent of institutions were hit with a ransomware attack.
“With millions of students and families relying on online connectivity for remote learning during this public health crisis, we must ensure cybersecurity is a top priority and that the networks schools are using are safe and secure,” Rep. Langevin said when he introduced the bill. “This legislation will help promote cybersecurity, protect student privacy, and prevent interruptions to distance learning.”
The other piece of legislation the committee approved, the DHS Software Supply Chain Risk Management Act of 2021, aims to protect the Department of Homeland Security’s (DHS) networks from cyberattacks “by modernizing how the Department procures information and communications technology or services (ICT(S)). The bill would require DHS to issue guidance that improves DHS’s insight into the software purchased from new and existing ICT(S) contractors.”
More specifically, the legislation would require DHS to identify the source of every operating software component it uses in order to protect against cyberattacks, according to Rep. Ritchie Torres, D-N.Y., who introduced the legislation.
Rep. Torres said the bill will “ensure our government’s software supply chain is protected against cyberattacks and espionage. Now, let’s get this to the full House floor.”