After a two-day meeting that included deciding which amendments to the fiscal year (FY) 2022 National Defense Authorization Act (NDAA) will receive votes, the House Rules Committee ruled several cybersecurity provisions to see floor votes when the measure comes up.
Among them, amendments to limit the term of Cybersecurity and Infrastructure Security Agency (CISA) director to five years, creating a training program between CISA and the Department of Veterans Affairs (VA), and requiring biennial updates to CISA’s incident response plan will see the floor.
The amendment to limit the CISA director’s term to five years and reaffirms that it is a presidentially appointed position was initially introduced by Reps. Andrew Garbarino, R-N.Y., and Jim Langevin, D-R.I., is similar to the Cyber Leadership Act proposed by Garbarino recently.
The Rules Committee also decided on an amendment to create a cybersecurity training program at the VA that would train vets and armed service members transitioning to civilian life. The program would have a partner apprenticeship program at CISA.
Other amendments to receive votes include one by Reps. Yvette Clarke, D-N.Y., and Garbarino – the chair and ranking member of the Homeland Cybersecurity, Infrastructure Protection and Innovation Subcommittee – to require CISA to update its incident response plan at least every two years.
Another pair of amendments the duo appears on alongside Homeland Security chair and ranking member Reps. Bennie Thompson, D-Miss., and John Katko, R-N.Y., would establish a Cyber Incident review office at CISA. Another would authorize CISA’s CyberSentry program, which focuses on the cybersecurity of industrial control systems.
Amendment’s that would codify a National Cyber Exercise program at CISA and require the Department of Defense to submit a report about how the Cybersecurity Maturity Model Certification (CMMC) would affect small businesses.
An amendment that had the support of the American Federation of Government Employees (AFGE) and would have created a Civilian Cyber Corps at the Department of Homeland Security will not receive a floor vote. However, one that the union stands in opposition to – absent the addition of a public disclosure requirement – will receive a floor vote.
The amendment, proposed by Rep. Tony Gonzalez, R-Tex., would create a National Digital Reserve Corps at the General Services Administration. The program would allow private sector cyber employees to work with government agencies for up to 30 calendar days to work on AI, cybersecurity, and digital projects.
Having passed a continuing resolution to keep the government funded, the House is expected to take up the FY2022 NDAA before the end of the week.