2022: Fitzpatrick Voted To Reauthorize The National Computer Forensics
Institute Through FY 2032 And Require The Institute To Focus On
Preventing Cybersecurity Incidents, Conducting Forensic Tests Of
Information Systems, And Prioritizing Education And Training For People
From Geographically Diverse Areas. In July 2022, according to
Congressional Quarterly, Fitzpatrick voted for the National Computer
Forensics Institute Reauthorization Act of 2022, which would
"reauthorize the National Computer Forensics Institute administered by
the U.S. Secret Service for 10 years, through fiscal 2032, and modify
and expand its functions. It would update the institute's mission to
include educating, training and equipping law enforcement and other
officials to investigate and prevent cybersecurity threats. It would
require the institute's curriculum to focus on investigating and
preventing cybersecurity incidents, conducting forensic examinations of
information systems, and legal considerations relating to cybersecurity
incidents. Among other provisions, it would require the institute to
research, develop and share approaches to investigating cybersecurity
threats; require the institute to prioritize education and training for
individuals from geographically diverse regions; and require the
Homeland Security Department to annually report to Congress on the
institute's activities and the nomination process for individuals to
participate in institute training." The vote was on passage. The House
passed the bill by a vote 410-16, thus the bill was sent to the Senate.
[House Vote 305,
7/13/22; Congressional
Quarterly, 7/13/22;
Congressional Actions, H.R.
7174]
2022: Fitzpatrick Voted For Enhancing Cyber Incident Reporting
Requirements And Establishing An Interagency Ransomware Task Force
Within The Cybersecurity And Infrastructure Security Agency. In March
2022, according to Congressional Quarterly, Fitzpatrick voted for the
second portion of the Fiscal 2022 Omnibus Appropriations, which would
"bolster cyber incident reporting requirements and require the
Cybersecurity and Infrastructure Security Agency to establish an
interagency ransomware task force. It would incorporate the provisions
of several other bills." The vote was on the motion to concur in the
Senate amendment with a House amendment. The bill was divided and this
vote was the second portion of the bill. The House concurred with the
Senate by a vote of 260-171. After resolving differences, the bill was
sent to the President and became law. [House Vote 66,
3/9/22; Congressional
Quarterly, 3/9/22; Congressional
Actions, H.R.
2471]
The Bill Included An Increase Of "Reporting Of Cyberattacks On
Critical Infrastructure." According to Roll Call, "Other measures
riding on the spending package include legislation to increase
reporting of cyberattacks on critical infrastructure." [Roll Call,
3/9/22]
The Bill Required Cyber Incidents To Be Reported Within 72 Hours
Of An Entity And Required The Entities To Report Within 24 Hours Of
Paying A Ransom As A Result Of A Cyber-Incident. According to
Congressional Quarterly, "Requires cyber incidents to be reported to
the Homeland Security Department's Cybersecurity and Infrastructure
Security Agency within 72 hours of an entity --- particularly
private companies that operate critical infrastructure --- having a
'reasonable belief' that it has occurred. It also requires such
entities to report within 24 hours of making an ransom payment as a
result of a cyber incident." [Congressional Quarterly,
3/9/22]
2022: Fitzpatrick Voted To Require The National Cybersecurity And
Communications Integration Center To Coordinate With State And Local
Governments To Provide Cybersecurity Training, Facilitate Cyber Threat
Information Sharing, Inform On Cybersecurity Tools, Secure Information
Systems, And Promote Cybersecurity Education And Awareness. In May
2022, according to Congressional Quarterly, Fitzpatrick voted for the
State and Local Government Cybersecurity Act of 2021, which would
"require the Homeland Security Department's national cybersecurity and
communications integration center to coordinate with and assist state,
local, tribal and territorial government entities, including to provide
technical cybersecurity training; facilitate the sharing of cyber threat
information with the federal government; provide and periodically update
information on cybersecurity tools, resources and best practices; work
with state and local officials to implement procedures to secure
information systems; and promote cybersecurity education and awareness.
It would require the department to regularly report to Congress on the
services the center provides to state and local entities." The vote was
on passage. The House passed the bill by a vote of 404-14, thus the bill
was sent to the President. [House Vote 194,
5/17/22; Congressional
Quarterly, 5/17/22;
Congressional Actions, S.
2520]