To help strengthen U.S. cyber defenses of technologies used to operate and control industrial systems, the House on Tuesday passed a bill requiring the Cybersecurity and Infrastructure Security Agency (CISA) to begin an effort to train cybersecurity professionals in securing these systems.
The Industrial Control Systems Cybersecurity Training Initiative (H.R. 7777) was introduced by Rep. Eric Swalwell (D-Calif.) and was approved by a vote of 368 to 47.
The bill, which still requires Senate approval and the president’s signature, tasks CISA with creating virtual and in-person training for free across the U.S and at different skill levels, including introductory. The courses would “cover cyber defense strategies for industrial control systems, including an understanding of the unique cyber threats facing industrial control systems and the mitigation of security vulnerabilities in industrial control systems technology,” the bill says.
Separately, President Biden on Tuesday signed into law two bipartisan cybersecurity bills. The State and Local Government Cyber Security Act requires CISA to share cybersecurity threats and vulnerabilities with states and localities. The bill also directs the agency to give states and localities access to tools, policies and procedures for improved cybersecurity, to implement those tools and procedures, and to include them in joint cybersecurity exercises.
The Federal Rotational Cyber Workforce Program Act establishes a program to allow federal cybersecurity employees to rotate between different agencies, gaining new experiences and building their professional networks. The new law is also aimed at helping to attract and retain federal cybersecurity experts.