The Advancing Continuous Diagnostics and Mitigation Act, H.R. 4237, was unanimously approved by the House Homeland Security Committee on Oct. 23.
The bill – co-sponsored by Reps. John Ratcliffe, R-Texas, and Ro Khanna, D-Calif. – would “advance and modernize” the Department of Homeland Security’s (DHS) Continuous Diagnostics and Mitigation (CDM) program by not only codifying the CDM program into law, but also expanding the program’s capabilities and resources to additional Federal agencies and state and local governments.
“The cybersecurity threats to our federal government grow more intense and complex every day,” said Rep. Khanna in a statement. “We have the technology to safeguard our democracy. It’s long past time we put it to use.”
Rep. Ratcliffe said, “CDM has proven to be an indispensable tool for DHS to leverage in identifying, responding to and preventing cyber-attacks against our Federal networks … With the escalating cybersecurity threats we face as a country, I’m hopeful this bill will be brought up for a vote before the full House of Representatives as soon as possible.”
If it becomes law, the bill would:
- Codify the work of the CDM program to date;
- Require the DHS Secretary to make CDM capabilities available and develop policies for reporting cyber risks and incidents based upon data collected under CDM;
- Direct the DHS Secretary to deploy new CDM technologies to continuously evolve the program;
- Require the DHS Secretary to make the CDM program capabilities available for use to civilian departments and agencies, and state, local, and tribal governments; and
- Mandate that DHS develop a strategy to ensure the program continues to adjust to the cyber threat landscape.
The Senate companion bill, which is identical to the House version, was introduced by Sens. John Cornyn, R-Texas, and Maggie Hassan, D-N.H. The bill, S. 2318, is still awaiting committee consideration.