Reps. John Ratcliffe, R-Texas, and Ro Khana, D-Calif., announced today that they will formally introduce the Advancing Continuous Diagnostics Mitigation (CDM) Act later this week. The House bill, which was dropped off on the House floor today, is identical to its Senate companion bill which was introduced on July 30.
“Our government must have the necessary tools to protect Americans against the massive cybersecurity threats of the 21st century,” Khanna said. “The technology is there: we just have to ensure our agencies have the necessary tools to defend against hackers and cyberthreats. A strong CDM program will be instrumental in that effort.”
The legislation is intended to codify, advance, and modernize the Department of Homeland Security’s (DHS) CDM program. The bill will also expand CDM capabilities across Federal, state, and local governments and agencies.
“As cyber threats continue to increase in frequency and complexity, we must constantly work to enhance our nation’s cyber defense capabilities,” Ratcliffe said. “I’m pleased to be joined by Congressman Khanna and Senators Cornyn and Hassan in our efforts to improve America’s cybersecurity posture by codifying the CDM program and making it available to more agencies at all levels of government.”
Sens. John Cornyn, R-Texas, and Maggie Hassan, D-N.H., who co-sponsored the Senate bill, praised the announcement of the House bill.
“I’m pleased that the House of Representatives is introducing their version of this critical bill, and I look forward to continuing to work on a bipartisan basis across the House and Senate to move this bill forward,” Hassan said. “With constantly evolving threats, it’s critical that the Department of Homeland Security enhances its efforts to monitor and address cybersecurity vulnerabilities as they arise, and importantly, ensures that these resources are available to state and local governments across the country.”
Cornyn stressed the importance of codifying the CDM program into law, “Cyber-attacks on government networks are increasing in frequency and sophistication, so updating the programs and tools Federal agencies use to thwart these attempts is critical. By codifying the CDM program and providing congressional oversight, we can ensure the federal government is better prepared for cyber threats.”
Ratcliffe’s office explained that the legislation:
- Codifies the work of the CDM program to date;
- Requires the Secretary to make CDM capabilities available and develop policies for reporting cyber risks and incidents based upon data collected under CDM;
- Directs the Secretary to deploy new CDM technologies to continuously evolve the program;
- Requires the Secretary to make the CDM program capabilities available for use to civilian departments and agencies, and State, local, and tribal governments; and
- Mandates that DHS develop a strategy to ensure the program continues to adjust to the cyber threat landscape.
This isn’t the first time that a bill to codify CDM into law has been introduced in the House or the Senate. The legislation was first introduced during the last congressional session. While Ratcliffe’s bill passed in the House last year, the legislation stalled in the Senate. When the bill was reintroduced in the Senate in late July, legislators did make a change from the previous bill by adding a provision to require DHS to share cyber defense resources with state and local governments.
