House panel advances bill to create cybersecurity standards for government IT devices

House panel advances bill to create cybersecurity standards for government IT devices
© Getty Images

The House Oversight and Reform Committee approved bipartisan legislation on Wednesday that would establish baseline cybersecurity standards for government-purchased internet-connected devices.

The approval, done through a voice vote, advances the The Internet of Things Cybersecurity Improvement Act of 2019 toward a vote on the House floor.

The legislation is aimed at reducing the risks to government information technology from cyberattacks, and directs the National Institute of Standards and Technology to establish recommendations for the federal government on “the appropriate use and management” of the devices by no later than March 31, 2020.

ADVERTISEMENT

"Internet of things" devices include those with internet connections and those that are able to send and receive data, such as laptops and mobile phones.

The bill is spearheaded by Reps. Robin KellyRobin Lynne KellyHillicon Valley: FCC moves against Huawei, ZTE | Dem groups ask Google to reconsider ads policy | Bill introduced to increase data access during probes Dems call out Oracle for lack of diversity on its board Overnight Health Care: GOP senator says drug price action unlikely this year | House panel weighs ban on flavored e-cigs | New York sues Juul MORE (D-Ill.) and Will HurdWilliam Ballard HurdThe Hill's Morning Report - Report of Bolton tell-all manuscript roils Trump defense The Hill's Morning Report — Dems detail case to remove Trump for abuse of power The Hill's Morning Report - House prosecutes Trump as 'lawless,' 'corrupt' MORE (R-Texas), and has almost two dozen other bipartisan co-sponsors.

Kelly described the bill as a “major step towards improving our nation’s cybersecurity,” adding that “we have an obligation to prevent these devices from becoming a backdoor for hackers and tools for cyber criminals.”

Hurd highlighted in a statement the severity of threat from malicious cyber criminals trying to steal data, saying that “we must act now to ensure these devices are built with security in mind, not as an afterthought.”

While the bill was approved, House Oversight and Reform Committee ranking member Jim JordanJames (Jim) Daniel JordanBolton upends Trump impeachment trial  Government privacy watchdog under pressure to recommend facial recognition ban Jordan says he thinks trial will be over by next week MORE (R-Ohio) expressed concern during the committee meeting that the legislation might be “redundant” due to existing federal cybersecurity standards, and that it could create “de facto regulations for the entire [internet of things] sector” beyond just the federal government.

House Oversight and Reform Committee Chairman Elijah CummingsElijah Eugene CummingsBaltimore unveils plaques for courthouse to be named after Elijah Cummings GOP leaders encourage retiring lawmakers to give up committee posts Pelosi taps Virginia Democrat for key post on economic panel MORE (D-Md.), however, expressed “strong” support for the legislation.

There is a Senate version of the Internet of Things Cybersecurity Improvement Act, which is sponsored by Sens. Mark WarnerMark Robert WarnerDemocrats worry Trump team will cherry-pick withheld documents during defense Commerce Department withdraws Huawei rule after Pentagon pushback: reports  Hillicon Valley — Presented by Philip Morris International — Bezos phone breach raises fears over Saudi hacking | Amazon seeks to halt Microsoft's work on 'war cloud' | Lawmakers unveil surveillance reform bill MORE (D-Va.), Cory GardnerCory Scott GardnerOvernight Energy: Sanders scores highest on green group's voter guide | Trump's latest wins for farmers may not undo trade damage | Amazon employees defy company to speak on climate change Progressive group targeting vulnerable GOP senators on impeachment witnesses Ad campaign pressures Gardner on Arctic National Wildlife Refuge bill MORE (R-Colo.), Maggie HassanMargaret (Maggie) HassanCyberattacks against North Dakota state government skyrocket to 15M per month Hillicon Valley: Biden calls for revoking tech legal shield | DHS chief 'fully expects' Russia to try to interfere in 2020 | Smaller companies testify against Big Tech 'monopoly power' Bipartisan group of senators introduces legislation to boost state cybersecurity leadership MORE (D-N.H.), Steve DainesSteven (Steve) David DainesSchiff sparks blowback with head on a 'pike' line Lawmakers introduce bill to reform controversial surveillance authorities Koch network could target almost 200 races in 2020, official says MORE (R-Mont.), Catherine Cortez MastoCatherine Marie Cortez MastoOvernight Defense: Veterans group seeks Trump apology for comments on brain injuries | Pentagon says dozens of troops suffered traumatic injuries after attack | Trump unveils Space Force logo Senators push Pentagon on Syria strategy after withdrawal uproar, Soleimani strike Senate Democrats launch investigation into Trump tax law regulations MORE (D-Nev.) and Mike RoundsMarion (Mike) Michael RoundsRepublicans show little enthusiasm for impeachment witness swap Bolton sparks internal GOP fight over witnesses Drug price outrage threatens to be liability for GOP MORE (R-S.D.).

The Senate version of the bill has not seen action since being introduced in March, though a spokesperson for Warner told The Hill on Wednesday that there have been “encouraging conversations” with the Senate Homeland Security and Governmental Affairs Committee about the bill being marked up “in the coming weeks.”

Kelly, in committee discussions on Wednesday, noted that the legislation has support from industry groups including Verizon, Tenable, Symantec, BSA: The Software Alliance and wireless trade group CTIA.