Bill > HR5680

Introduced Session

To amend the Homeland Security Act of 2002 to protect United States critical infrastructure by ensuring that the Cybersecurity and Infrastructure Security Agency of the Department of Homeland Security has necessary legal tools to notify entities at risk of cybersecurity vulnerabilities in the enterprise devices or systems that control critical assets of the United States, and for other purposes. This bill authorizes the Department of Homeland Security (DHS) to issue a subpoena for the production of information to identify and notify an entity that is put at risk by cybersecurity vulnerabilities. Specifically, the bill requires the DHS Cybersecurity and Infrastructure Security Agency (CISA) to detect, identify, and receive information about security vulnerabilities relating to critical infrastructure in the information systems and devices of public and private entities. To do this, the bill authorizes CISA, upon identification of a system determined to have such a security vulnerability, to issue a subpoena for the production of information that is necessary to identify and notify the at-risk entity.

Committee Categories

James Langevin (D)*,  Sheila Jackson-Lee (D),  John Katko (R),  Stephen Lynch (D),  John Ratcliffe (R),  Cedric Richmond (D),  Bennie Thompson (D), 

Ordered to be Reported. (on 01/29/2020)

Official Document