Model Legislative Text
Legislative Proposals Remaining from March 2020 Report
The Cyberspace Solarium Commission’s staff provided 52 separate legislative proposals to support the implementation of the strategy of layered cyber deterrence and its associated legislative recommendations in its March 2020 Final Report. In addition to highlighting the Commission’s original recommendations, the following are model legislative texts to further bolster America’s ability to respond to and recover from significant cyber incidents.
- Cybersecurity apprenticeship pilot program
Recommendation 1.5.b | PDF - Improve Cyber Capacity Building and Consolidate the Funding of Cyber Foreign Assistance
Recommendation 2.1.3 | PDF - Administrative Subpoena Authority
Recommendation 2.1.4 | PDF - Establish a National Risk Management Cycle and National Critical Infrastructure Resilience Strategy
Recommendation 3.1.1a | PDF - Establish a National Cyber Resilience Assistance Fund
Recommendation 3.1.2 | PDF - Strengthen the Election Assistance Commission
Recommendation 3.4b | PDF - Establish a National Cybersecurity Certification and Labeling Authority
Recommendation 4.1 | PDF - Critical Technology Security Centers
Recommendation 4.1.1 | PDF - Establish a Bureau of Cyber Statistics
Recommendation 4.3 | PDF - Amend the Sarbanes-Oxley Act to Include Cybersecurity Reporting Requirements and Require Regular Pen Testing
Recommendation 4.4.4 | PDF - Develop a Strategy to Secure Foundational Internet Protocols and Email
Recommendation 4.5.2 | PDF - Strengthen the U.S. Government’s Ability to Take Down Botnets
Recommendation 4.5.3 | PDF - National Data Breach Notification/Incident Reporting Act
Recommendation 4.7.1 | PDF - Systemically Important Critical Infrastructure
Recommendation 5.1 | PDF - Increase Intelligence Support to the Private Sector
Recommendation 5.1.1 | PDF - Codify Processes for Identifying Private Sector Cyber Intelligence Needs and Priorities
Recommendation 5.1.2 | PDF - Cyber Threat Information Collaboration Environment Program
Recommendation 5.2 | PDF - Pen Register Trap And Trace and Active Defense
Recommendation 5.2.3 | PDF
Pandemic White Paper Model Legislative Texts
In August 2020, the Cyberspace Solarium Commission released a new white paper, “Cybersecurity Lessons From the Pandemic.” Exhibited here are model legislative texts drawn from lessons learned by the pandemic response.
- National Cybercrime Victim Assistance and Recovery Center
Pandemic Proposal 1.3b | PDF
Supply Chain Model Legislative Texts
In October 2020, the Cyberspace Solarium Commission released a new white paper, “Building a Trusted ICT Supply Chain,” proposing a five-pillar strategy to work with critical partners in the private sector and worldwide to reinvigorate American high-tech manufacturing and secure the United States’ ICT supply chains. The following are model legislative texts that address the challenges that threaten to undermine America’s most critical supply chains.
- National Supply Chain Intelligence Center
Supply Chain Proposal 4.1 | PDF
Water Sector Model Legislative Texts
In its March 2020 Final Report, the Cyberspace Solarium Commission noted that “water utilities remain largely ill-prepared to defend their networks from cyber-enabled disruption.” The following are the most recent model legislative texts that expand on the work of the CSC, the Foundation for Defense of Democracies (FDD), and various water sector organizations.
- Establish a Water Risk and Resilience Organization
Water Proposal 1 | PDF - Water and Wastewater Infrastructure Cybersecurity Improvement Program
Water Proposal 2 | PDF - Resource and Empower the EPA as the SRMA for the Water Sector
Water Proposal 3 | PDF - Direct More of the EPA’s Funding Toward Cybersecurity
Water Proposal 4 | PDF - Cybersecurity Circuit Rider Program for Rural Water and Wastewater Infrastructure
Water Proposal 5 | PDF - Amend the Clean Water Act to Require Wastewater Systems to Perform Risk and Resilience Assessments
Water Proposal 6 | PDF
Workforce Model Legislative Texts
In its March 2020 Final Report, the Cyberspace Solarium Commission calls for the federal government to “reform how it recruits, trains, and educates its workforce to ensure that it has the necessary cybersecurity talent.” Continuing the work of the Commission, CSC 2.0 published a report on strengthening the federal cyber workforce including recommended actions for Congress to support efforts to grow the cyber workforce. The following are the most recent model legislative texts provided by the CSC 2.0 to implement these recommendations.
- Federal Cybersecurity Workforce Data Collection
Workforce Proposal 1 | PDF - Federal Cyber Workforce Development Institute
Workforce Proposal 2 | PDF - Federal Cyber Excepted Service
Workforce Proposal 3 | PDF
Maritime Transportation System Legislative Texts
In its March 2020 final report, the congressionally mandated Cyberspace Solarium Commission repeatedly highlighted the need for better government-industry cybersecurity collaboration and better resourcing of government efforts to support the private sector. Picking up on this theme, a group of scholars at the Atlantic Council (including one of this report’s co-authors) published Raising the Colors: Signaling for Cooperation on Maritime Cybersecurity, which proposed short- and long-term solutions to improve the cybersecurity of the MTS. Building on that monograph’s foundation, this report provides additional analysis of cyberattacks against the MTS along with recommendations to resource the subsector’s cybersecurity more fully.
- Sector Risk Management Agency Funding
Maritime Proposal 1 | PDF - Maritime Equipment Cybersecurity Test Bed
Maritime Proposal 2 | PDF - Port Security Grant Program Cyber Funding
Maritime Proposal 3.1 | PDF - Port Infrastructure Development Program Cyber Funding
Maritime Proposal 3.2 | PDF - Maritime Cyber Education and Certifications
Maritime Proposal 4 | PDF