Senate Commerce panel approves cybersecurity bill

The Senate Commerce Committee unanimously approved an industry-backed bill aimed at boosting the nation's cybersecurity on Tuesday, paving the way for a full Senate vote on the measure before the end of the year.

The bill, authored by Senate Commerce leaders Jay RockefellerJohn (Jay) Davison RockefellerBottom Line World Health Day: It's time to fight preventable disease Lobbying World MORE (D-W.Va.) and John ThuneJohn Randolph ThuneRepublicans ready to become deficit hawks again under a President Biden Democrats brush off calls for Biden to play hardball on Cabinet picks Overnight Defense: Pentagon set for tighter virus restrictions as top officials tests positive | Military sees 11th COVID-19 death | House Democrats back Senate language on Confederate base names MORE (R-S.D.) would codify a section of President Obama's cybersecurity order that tasks the Commerce Department's National Institute of Standard and Technology (NIST) to work with businesses to craft a framework of cybersecurity best practices and standards. NIST has already held a set of workshops with industry groups across the country to start drafting the framework, which is due in October. 

The bill has received backing from a wide range of industry groups, including USTelecom and the U.S. Chamber of Commerce, for its non-regulatory approach.

"Our bill takes some important steps to help our private companies and our government agencies to defend their networks against their adversaries," Rockfeller said in his opening statements at the panel's markup. "It doesn’t do everything we need to do to improve our cybersecurity, but it’s a good start and I thank Senator Thune for working with me on this urgent issue."

The bill would also boost cybersecurity research and development, education and public awareness about cyber threats. 


Commerce panel members adopted five non-controversial amendments to the bill, which were not debated during Tuesday's markup. An amendment from Sen. Amy KlobucharAmy KlobucharHillicon Valley: YouTube suspends OANN amid lawmaker pressure | Dems probe Facebook, Twitter over Georgia runoff | FCC reaffirms ZTE's national security risk Democrats urge YouTube to remove election misinformation, step up efforts ahead of Georgia runoff YouTube temporarily suspends OANN account after spreading coronavirus misinformation MORE (D-Minn.) would require the Government Accountability Office to conduct a report every two years on NIST's efforts to develop standards and procedures to reduce the risk of cyberattacks against critical infrastructure. Additionally, an amendment from Sen. Mark WarnerMark Robert WarnerHarris shares Thanksgiving recipe: 'During difficult times I have always turned to cooking' Biden leans on foreign policy establishment to build team Trump relents as GSA informs Biden transition to begin MORE (D-Va.) that was adopted to the bill would establish research centers for cybersecurity.

Last year the Senate failed twice to pass a sweeping cybersecurity bill that would have encouraged critical infrastructure companies, such as power plants and water systems, to adopt a set of cybersecurity standards into their computer systems and networks so they're protected from hackers. Senate Republicans blocked the bill, which Rockefeller co-sponsored, because they believed it would make businesses follow new costly regulations. 

This post was updated at 5 p.m.