Cyberattacks and cybersecurity vulnerabilities made news headlines multiple times in 2021. From the Colonial Pipeline breach to the JBS breach to the University of California Schools ransomware attack, and many others (unfortunately). Cyber attacks have been on the rise, and the likelihood of them slowing down is pretty slim. The good news (yeah, that is odd to say) is that the U.S. Government has taken notice of the influx of attacks and has taken action.
In late July 2021, the U.S. House of Representatives passed several bills focused on cybersecurity, and it looks like there may be more in the works. The four that passed in July are as follows:
The State and Local Cybersecurity Improvement Act (HR 3138)
HR 3138 would authorize a new $500 million grant program. It will provide state, local, tribal and territorial governments with dedicated funding. This will secure their networks from ransomware and other cyberattacks.
The Cybersecurity Vulnerability Remediation Act (HR 2980)
HR 2980 aims to allow the Cybersecurity and Infrastructure Security Agency (CISA) to assist critical infrastructure owners and operators. This will help with mitigation strategies against the most critical, known vulnerabilities.
The CISA Cyber Exercise Act (HR 3233)
HR 3233 establishes a National Cyber Exercise program within CISA. This will help to promote more regular testing and systemic assessments of preparedness and resilience to cyberattacks against critical infrastructure.
The DHS Industrial Control Systems Capabilities Enhancement Act of 2021 (HR 1833)
HR 1833looks to improve CISA’s ability to detect and mitigate cyber threats and vulnerabilities to industrial control systems.
Is this “Corporate Speak”
While Bills and Acts tend to sound a lot like “corporate speak”. These Bills hold real value for businesses and individuals. Cyberattacks impact all of us, even though they may seem like they do not. For example, the Colonial Pipeline breach took down the largest fuel pipeline in the United States. This lead to fuel shortages across the East Coast. Those that live and have businesses along the East Coast felt the impacts pretty quickly. Those not living on the East Coast waited to see if the shortages would impact them. And how their business partners in those areas would work through the issues. But beyond that, it caused a slight (perhaps more than slight) panic throughout the United States. If it could happen to the largest pipeline, where else could a cyberattack happen?
Helping Pave the Way
That’s why Bills like those passed by the U.S. House of Representatives are important. They provide funds and people-power to secure networks, determine mitigation strategies. This will allow for more testing at the Government, critical infrastructure, and industrial control systems levels. More than that, they signal the importance of cybersecurity on a national level. This type of signal can help pave the way for businesses to get even more serious about cybersecurity. It can also help nudge those who may not see the benefit of spending a budget on cybersecurity, to change their minds.
Staying in the Forefront
While it’s hard to predict what will come next. There is an emphasis on cybersecurity by the House and Senate is unlikely to dissipate. Instead, it will likely continue to stay at the forefront of their minds. And we encourage business owners to keep cybersecurity on the forefront of their minds as well. Stay up-to-date on cybersecurity trends by reading the Intivix blog, work with a strong IT Managed Service Provider with expertise in cybersecurity and disaster recovery, and keep employees in the loop on how they can help prevent cyber-crimes. If we’ve learned anything from the cyber-attack news headlines. It’s that we need to continue to focus on cybersecurity because hackers are definitely not slowing down on their attacks.
If you’re interested in enhancing your cybersecurity efforts, consider contacting Intivix. We’ve worked with multiple organizations to develop a cybersecurity plan, mitigate situations. We have also built appropriate disaster recovery, along with business continuity plans.