House lawmakers last week approved two pieces of legislation that would add significant new network security and policy taskings to the Commerce Department’s National Telecommunications and Information Administration (NTIA) component.
One of those bills – the NTIA Policy and Cybersecurity Coordination Act – would create within NTIA a new Office of Policy Development and Cybersecurity to analyze and develop policies related to internet and communications technologies.
According to a summary of the bill, the new office’s scope would include developing policies that promote “innovation, competition, and other elements of the communications, media, and technology markets,” security and resilience to cybersecurity incidents while fostering innovation, and commercialization of communications technologies.
The legislation would redesignate the existing Associate Administrator for Policy Analysis and Development within NTIA to the new position of Associate Administrator for Policy Development and Cybersecurity.
The bill was introduced by Reps. Jay Obernolte, R-Calif., and Jennifer McClellan, D-Va., as Federal cyber officials and lawmakers alike work to protect the nation’s telecom networks from foreign adversaries, including the China-backed Salt and Volt Typhoon groups.
“As more and more of Americans lives move into a digital format, it’s leaving the information of Americans more and more vulnerable to cyber attacks,” said Rep. Obernolte when introducing his bill to the House floor on July 14.
“That’s why it is critical that we establish cybersecurity protocols and capabilities to counter the threats, not just to foreign actors, but of cyber criminals and transnational criminal organizations who attempt to breach our data security and access the data of Americans,” he continued.
Speaking in support of the measure on the House floor, Rep. Bob Latta, R-Ohio, pointed to continued threats from Salt Typhoon, saying that the legislation “bolsters our nation’s cybersecurity posture by strengthening the coordination between … NTIA and other relevant Federal agencies … [while also facilitating] public private partnerships to develop and implement cybersecurity policies relating to communication networks.”
This is the second go-around for the bill introduced by the bipartisan pair of representatives. The measure passed the House last year but stalled in the Senate. The bill approved by the House last week has been delivered to the Senate and awaits action by the Senate Commerce, Science, and Transportation Committee.
Wireless Networks Bill
Separately, the House on July 14 voted to approve Understanding Cybersecurity of Mobile Networks Act sponsored by Reps. Kat Cammack, R-Fla., and Greg Landsman, D-Ohio.
The bill would instruct NTIA to lead a Federal government analysis of mobile network and device security risks, including exposure to cyber threats and surveillance.
NTIA’s report, the bill says, must include:?(1) an assessment of the degree to which mobile service providers have addressed certain cybersecurity vulnerabilities; (2) a discussion of the degree to which these providers have implemented cybersecurity best practices and risk assessment frameworks; and (3) an estimate of the prevalence and efficacy of encryption and authentication algorithms and techniques.”
That House-approved measure also has been sent to the Senate and awaits action by the Senate Commerce, Science, and Transportation Committee.