The Senate Homeland Security and Governmental Affairs Committee voted to approve several cybersecurity-related bills, including the Cybersecurity Awareness Act of 2023.
The committee’s vote to approve the bills sends them to the full Senate for further consideration.
The panel voted 10-2 to approve the Cybersecurity Awareness Act, which would require the Cybersecurity and Infrastructure Security Agency (CISA) to increase its outreach to the most frequent targets of ransomware – including underserved communities that lack access to cybersecurity education.
Committee Chairman Gary Peters, D-Mich., and Sen. Bill Cassidy, R-La., introduced the bill last week.
“Defending against persistent and evolving cyber-security threats will take an all-hands-on-deck effort,” Sen. Peters said in a statement when he introduced the measure. “This bipartisan legislation will help ensure that everyone is playing their part in preventing network breaches that can compromise personal and sensitive information and disrupt national and economic security.”
The bill would direct CISA to provide regular guidance and resources to the public and private sectors on best practices related to cybersecurity – such as enabling multifactor authentication and utilizing unique, strong passwords for each account.
The legislation would also ensure that CISA increases its outreach to the most frequent targets of ransomware, including Federal agencies; state, local, tribal and territorial governments; and nonprofits and universities .
It’s become increasingly clear that ransomware will continue to be a common, and costly, cyber threat.
According to Verizon’s recent Annual Data Breach Investigations Report, ransomware incidents held steady at 24 percent of breaches measured through October 2022 and covered in the report released earlier this month. However, ransomware was everywhere: 91 percent of industries cited ransomware as one of the top issues they dealt with over the 12-month period.