Senate Bill Seeks to Help Companies Directly Counter Hackers

Senate Bill Seeks to Help Companies Directly Counter Hackers
Capitol Hill

Sens. Sheldon Whitehouse, D-R.I., and Steve Daines, R-Mont., have proposed a bill that would direct the Department of Homeland Security to study the potential advantages and risks of allowing private sector organizations to initiate measures against hackers during cyberattacks.

The bipartisan bill would require DHS to submit a report containing its recommendations and findings, including potential impacts on national security and foreign affairs, federal oversight, private entities that would be allowed to take actions, safeguards and level of certainty for attribution, Whitehouse’s office said Wednesday.

“The Colonial Pipeline ransomware attack shows why we should explore a regulated process for companies to respond when they’re targets,” said Whitehouse. “This bill will help us determine whether that process could deter and respond to future attacks, and what guidelines American businesses should follow.”

Current law authorizes the federal government to launch offensive operations against hackers and limits U.S. companies to internal defensive actions. Once the measure becomes law, DHS has 180 days to submit the report.

“The federal government should do more to empower the private sector to directly counter cyber threats from across the globe rather than tie their hands," said Daines.

You may also be interested in...

Cybersecurity

DHS, NIST List Goals for Cyber Best Practices

The Department of Homeland Security (DHS) and the National Institutes of Standards and Technology (NIST) have jointly classified cybersecurity practices into nine categories as bases for cyber performance goals. The nine categories each have specific objectives with regard to how secure control systems are operated and deployed, NIST said Thursday.