New bill would give CISA greater cyber outreach responsibilities
The Cybersecurity Awareness Act would direct the agency to launch a new public-private campaign promoting cyber best practices across small businesses and underserved communities.
Lawmakers have introduced a new bipartisan bill that aims to equip the most frequent targets of ransomware attacks and underserved communities across the country with critical access to cybersecurity training, education and resources.
The Cybersecurity Awareness Act would require the Cybersecurity and Infrastructure Security Agency to launch a new public-private campaign promoting cybersecurity best practices — like enabling multifactor authentication and utilizing unique, secure passwords — while expanding outreach to communities on how to protect themselves against cyberattacks.
Under the legislation, CISA would work in consultation with federal agencies; state, local, tribal and territorial governments; and nonprofits and universities to ensure its outreach efforts are effective, accurate and timely.
The bill comes amid an increase in evolving threats targeting small businesses and vulnerable populations, with recent reports indicating that both groups have faced a significant rise in attacks in recent years.
"Defending against persistent and evolving cybersecurity threats will take an all hands on deck effort," Sen. Gary Peters, D-Mich., chairman of Homeland Security and Governmental Affairs committee, said in a statement. Peters introduced the bill with Sen. Bill Cassidy, R-La.
He added that the bill will help ensure communities and small businesses are "playing their part in preventing network breaches that can compromise personal and sensitive information and disrupt national and economic security.”
The bill would also direct CISA to publicly provide all campaign resources online and regularly update its information on cybersecurity practices as the threat landscape continues to evolve.
As the nation's cyber defense agency, CISA has increasingly taken on the role of mediator between the public and private sectors on cybersecurity, establishing a variety of government and industry collaborations focusing on improving the nation's defense against cyber attacks.
In 2021, the agency formed the Joint Cyber Defense Collaborative — a public-private cyber initiative promoting information sharing on critical cyberattacks — and last year launched the "Shields Up" campaign to provide resources for organizations of any size against state-sponsored cyberattacks.
"Americans should always use the best cybersecurity practices to protect themselves and their families from cyber threats,” Cassidy said in a statement. "This bill ensures Americans have access to the educational tools they need to stay safe.”