Quick Hits

*** The Cyber Incident Reporting Act, offered Tuesday by Sens. Gary Peters (D-Mich.) and Rob Portman (R-Ohio), the chairman and ranking member of the Senate Homeland Security and Government Affairs Committee, would require critical infrastructure companies to report cybersecurity breaches to the federal government. The bill builds on similar bipartisan legislation offered in the House of Representatives, according to a committee press release. In addition, Peters and Portman plan an update to the Federal Information Security Modernization Act that would require federal agencies and contractors to report cyberattacks – provisions contained in the Biden administration's May executive order on cybersecurity but not yet enshrined in law.

*** Security screeners employed by the Transportation Security Administration can now appeal adverse personnel actions to the Merit Systems Protection Board, as the result of a memorandum of understanding between the two agencies. TSA security screeners operate outside of typical Title 5 protections under law. The Rights for the TSA Workforce Act, backed by Rep. Bennie Thompson (D-Miss.), the chairman of the House Homeland Security Committee, would codify these changes and other protections for TSA employees.

*** New federal cybersecurity guidance from the National Security Agency and the Cybersecurity and Infrastructure Security Agency cautions technology managers about multiple exploits associated with the use of virtual private networks and outlines steps users can take to use the technology safely.