The Senate Homeland Security and Governmental Affairs Committee on Tuesday approved a bipartisan bill aimed at helping commercial satellite companies, in particular small businesses, strengthen the cybersecurity of their systems by making it easier to gather resources.
The Satellite Cybersecurity Act (S. 1425) directs the Cybersecurity and Infrastructure Security Agency (CISA) to establish and maintain a publicly available online Commercial Satellite System Cybersecurity Clearinghouse that contains industry-related cybersecurity resources, including materials to assist small businesses with the secure development, operation and maintenance of commercial satellite systems, and a consolidated list of voluntary cybersecurity recommendations to help with these systems.
The bill requires that CISA stand up the clearinghouse within 180 days of enactment. The bill must still be approved by the Senate and the House.
CISA is also required to partner with industry on implementing the clearinghouse and coordinate with the Office of the National Cyber Director (ONCD), the National Space Council, and appropriate federal agencies.
The bill also directs the National Space Council and ONCD, working with relevant federal agencies, to submit a strategy “for the activities of Federal agencies to address and improve the cybersecurity of commercial satellite systems.”
Sen. Gary Peters (D-Mich.), chairman of the committee, said in a statement that “Cybercriminals will stop at nothing to disrupt American lives and livelihoods, and an attack on commercial satellites could have devasting implications. That’s why we must ensure companies that operate commercial satellites have the proper resources to prevent disruptive cyber-attacks.”
The committee also passed a measure that would have CISA initiate a pilot project establish a Civilian Cybersecurity Reserve at the agency to be able to tap into additional manpower in the event of a cybersecurity crisis. The Department of Homeland Security Civilian Cybersecurity Reserve Act (S. 885) passed the Senate in 2022 but did not make it through all of Congress.
CISA would re required to submit an implementation plan to Congress for the reserve within a year of enactment.
The committee also approved the Protecting the Border from Unmanned Aircraft Systems Act (S. 1443), which would require DHS, in coordination with the Departments of Justice, Defense, State and Energy, and the Federal Aviation Administration and Director of National Intelligence, to develop a strategy for creating a unified posture on counter-drone capabilities and protections at covered facilities and assets along the international borders of the U.S.
The strategy is also required to examine how “malign actors” are using UAS in the border environment and for what purposes, and to assess the C-UAS systems necessary to identify illicit activity and protect against drone threats.
The cybersecurity bills were approved by a vote of 10 to one and the C-UAS bill nine to one with Sen. Rand Paul (R-Ky.), the ranking member, the lone dissenter.
Separately on Tuesday, the House Homeland Security Committee approved the Unmanned Aerial Security Act (H.R. 1501), which prohibits DHS from operating, financing or procuring UAS or related systems that are made in certain foreign countries or by companies that are based in these countries. The covered countries are those identified by the intelligence community as foreign adversaries.
The bill allows DHS to waive the prohibition for conducting C-UAS research and testing, for conducting intelligence, electronic warfare or information warfare testing and analysis, and if its in the interest of the U.S.