Cyber bills on federal regs, health security and workforce clear Senate panel
Cybersecurity legislation aimed at unscrambling regulations, strengthening health system protections and bolstering the federal workforce sailed through a key Senate committee Wednesday, moving the trio of bipartisan bills to future consideration before the full chamber.
The Senate Homeland Security and Governmental Affairs Committee voted first on the Streamlining Federal Cybersecurity Regulations Act, a bill co-sponsored by committee Chair Gary Peters, D-Mich., and Sen. James Lankford, R-Okla., that seeks to streamline the country’s patchwork of federal cyber rules.
The bill would harmonize federal cyber requirements for the private sector, which has long been critical about conflicting rules imposed by agencies. A committee made up of the national cyber director, the chief of the Office of Management and Budget’s Office of Information and Regulatory Affairs, the heads of each federal regulatory agency and other government leaders as determined by the chair would be charged with identifying cyber regulations deemed “overly burdensome, inconsistent, or contradictory” and recommending updates accordingly.
Also moving forward Wednesday was the Healthcare Cybersecurity Act from Sens. Jacky Rosen, D-Nev., Todd Young, R-Ind., and Angus King, I-Maine. The legislation, which came in the aftermath of the February ransomware attack on the payment processor Change Healthcare, calls on the Cybersecurity and Infrastructure Security Agency to collaborate with the Department of Health and Human Services on cyber defenses, providing resources to non-federal entities connected to threat indicators.
The bill would also designate a CISA liaison to HHS for the purposes of coordination during cybersecurity events, supporting health care and public health organizations.
“I look forward to seeing this bipartisan legislation advance so we can ensure federal agencies are equipped with the tools they need to protect this critical infrastructure sector,” Rosen said Wednesday.
The final cyber bill headed to the full Senate is the Federal Cyber Workforce Training Act, which tasks the national cyber director with coming up with a plan to create a centralized resource and training center for federal cybersecurity workforce development.
The legislation from Sens. Mike Rounds, R-S.D., and Jon Ossoff, D-Ga., “would make it easier for federal government employers to prepare newly hired, early-career personnel for federal cyber positions,” per a press release that announced the bill’s introduction. “It would also support new skills for federal workers moving jobs mid-career. The program would leverage the private sector, specifically academia, to develop and deliver cyber training.”
Ossoff pointed Wednesday to a handful of home-state successes that would be supported by the legislation: Augusta University’s Georgia Cyber Center, the U.S. Army Cyber Center of Excellence at Fort Eisenhower and “HBCUs in Atlanta that are rapidly scaling cyber workforce curricula and training programs.”
“This bipartisan legislation will support those efforts and efforts across the country to strengthen our cyber workforce,” Ossoff said. “These are not just good-paying jobs; they are good-paying jobs that are essential to our national security.”
All three cybersecurity bills were passed out of committee by 10-1 votes, with ranking member Sen. Rand Paul the lone holdout on each. The Kentucky Republican said at the top of Wednesday’s session that he planned to oppose several bills because legislation passed out of the committee in 2024 has totaled $10.5 billion in spending. “I don’t know if any of them actually ever reduced any spending,” Paul said.
The Senate panel will reconvene in September following the chamber’s August recess. A committee aide told CyberScoop that it hasn’t yet been determined when the three cyber bills will receive full Senate votes.
