Washington, D.C. — The U.S. House of Representatives conveyed its commitment to stronger U.S. cybersecurity by voting to include an amendment by Reps. Yvette Clarke (D-NY), Bennie Thompson (D-MS), John Katko (R-NY) and Andrew Garbarino (R-NY) in the National Defense Authorization Act for Fiscal Year 2022 (NDAA). The amendment will facilitate better cybersecurity threat and information sharing between the public and the private sectors and will help critical infrastructure more efficiently and effectively respond to cyber events that threaten the resiliency of the U.S. financial system. In response to the vote to include the amendment, BPI Executive Vice President and President of BITS Chris Feeney issued the following statement:
We commend the House on its commitment to fortify America’s security by improving the Cybersecurity and Infrastructure Security Agency’s ability to collect, analyze and disseminate cyber threat information across critical infrastructure sectors, and call on the Senate to drive this momentum through to final passage. Banks keep America’s economy in motion despite ongoing threats from nation-states and international criminal organizations, supporting the role of the U.S. financial system as a global leader. This legislation will enhance information sharing and collaboration between the public and private sectors and adds another layer of defense to the American financial system.
The amendment—included as an en bloc amendment, which is a collection of amendments considered and voted on as one—will establish additional reporting obligations for critical infrastructure, including requiring the timely reporting of a confirmed cyber incident to CISA, which will improve CISA’s awareness of cyber threats and ability to analyze and disseminate helpful information back to the private sector. The amendment recognizes the need to harmonize new reporting requirements with existing rules and regulations, such as those that banks have adhered to for more than 20 years, and carefully balances reporting obligations with a firm’s incident response needs, ensuring front line cybersecurity teams can focus on defending the firm during the critical response window following a cyber event.
About Bank Policy Institute.
The Bank Policy Institute (BPI) is a nonpartisan public policy, research and advocacy group, representing the nation’s leading banks and their customers. Our members include universal banks, regional banks and the major foreign banks doing business in the United States. Collectively, they employ almost 2 million Americans, make nearly half of the nation’s small business loans, and are an engine for financial innovation and economic growth.
Bank Policy Institute