Rounds unveils comprehensive critical infrastructure defense legislation

Following on the heels of a new National Security Memorandum signed by the president aimed at strengthening cybersecurity for the nation’s critical infrastructure, U.S. Sen. Mike Rounds (R-SD) on July 27 cosponsored the bipartisan Defense of United States Infrastructure Act.

“We cannot ignore the massive cybersecurity vulnerabilities in American infrastructure systems,” Sen. Rounds said. “As we saw with the recent hacks of U.S. companies, our country must act now to identify and prevent future cyberattacks.” 

Sen. Rounds introduced the multi-tiered S. 2491 with bill sponsor U.S. Sen. Angus King (I-ME) to strengthen America’s cyber resilience and improve cybersecurity among the nation’s Systemically Important Critical Infrastructure (SICI). 

If enacted, S. 2491 would amend the Homeland Security Act of 2002 to establish the National Cyber Resilience Assistance Fund; improve the ability of the federal government to assist in enhancing critical infrastructure cyber resilience; improve security in the national cyber ecosystem; and address SICI, among other purposes, according to the congressional record bill summary.

“Our bipartisan bill strengthens the United States’ cyber defense while providing additional resources and personnel for cyber agencies,” said Sen. Rounds, ranking member of the U.S. Senate Armed Services Cybersecurity Subcommittee. “I am glad to join my colleagues to make certain we are prepared to combat these increasingly sophisticated and targeted attacks.”

Specifically, S. 2491 would establish the National Cyber Resilience Assistance Fund to invest in cyber and shift the focus away from reactive disaster spending toward risk-driven, proactive investments in cyber resilience, according to a bill summary provided by Sen. Rounds’ staff.

Additionally, the bill would task the U.S. Secretary of Homeland Security with creating a new designation for the most critical infrastructure — like elements of the power grid, the financial sector, water systems, and others — whose disruption could cause severe damage to national security, economic security, or public health and safety, the summary says.

And among other provisions, S. 2491 would establish hiring authorities for the newly created Office of the National Cyber Director, and task the director of the Cybersecurity and Infrastructure Security Agency to establish the Joint Collaborative Environment, a cloud-based information sharing environment to support a whole-of-government understanding of the cyber threats facing the United States and enable public-private partnerships to confront threats, according to the summary.

The measure has been referred for consideration to the U.S. Senate Homeland Security and Governmental Affairs Committee.