Ask AI
Public Law115th CongressEmergency Management
H.R. 7327Became Law

Strengthening and Enhancing Cyber-capabilities by Utilizing Risk Exposure Technology Act

This bill became law

Filed
Comm.
Floor
Both
Law

What it doesSummary public law (Dec 21, 2018)

Strengthening and Enhancing Cyber-capabilities by Utilizing Risk Exposure Technology Act or the SECURE Technology Act

TITLE I--DEPARTMENT OF HOMELAND SECURITY INFORMATION SECURITY AND OTHER MATTERS

(Sec. 101) This bill directs the Department of Homeland Security (DHS) to: (1) establish a policy applicable to individuals, organizations, and companies to report security vulnerabilities on DHS information systems; and (2) develop a process to address the mitigation or remediation of the vulnerabilities reported. DHS shall make such policy publicly available and submit a copy to Congress with the required remediation process.

(Sec. 102) DHS shall establish, within the Office of the Chief Information Officer, a bug bounty pilot program to minimize security vulnerabilities.

"Bug bounty program" means a program under which: (1) individuals, organizations, and companies are temporarily authorized to identify and report vulnerabilities of DHS information systems; and (2) eligible individuals, organizations, and companies receive compensation in exchange for such reports.

TITLE II--FEDERAL ACQUISITION SUPPLY CHAIN SECURITY

Federal Acquisition Supply Chain Security Act of 2018

(Sec. 202) This bill establishes a Federal Acquisition Security Council. The council shall: (1) identify and recommend development of supply chain risk management standards, guidelines, and practices for assessing and developing mitigation strategies to address supply chain risks; and (2) develop a strategic plan for addressing supply chain risks posed by the acquisition of certain technology and equipment (covered articles).

(Sec. 203) The bill sets forth standards for executive agencies in assessing supply chain risks and extends to such agencies authorities for mitigating supply chain risks in the procurement of covered articles.

(Sec. 204) The bill adds agency responsibilities relating to assessing and avoiding, mitigating, transferring, or accepting supply chain risks and complying with exclusion and removal orders.

What just happenedDec 21, 2018

Became Public Law No: 115-390.

Who’s behind it

Rep. Hurd, Will [R-TX-23](R-TX)Sponsor
5 cosponsors3 D2 R
Read on Congress.gov
5cosponsors2committees22actions1related bills6subjects
  1. Dec 21, 2018President

    Became Public Law No: 115-390.

  2. Dec 21, 2018BecameLaw36000

    Became Public Law No: 115-390.

  3. Dec 21, 2018President

    Signed by President.

  4. Dec 21, 2018BecameLaw36000

    Signed by President.

  5. Dec 21, 2018Floor

    Presented to President.

  6. Dec 21, 2018President28000

    Presented to President.

  7. Dec 20, 2018Floor

    Message on Senate action sent to the House.

  8. Dec 20, 2018Floor

    Passed Senate without amendment by Unanimous Consent. (consideration: CR S7950)

  9. Dec 20, 2018Floor17000

    Passed/agreed to in Senate: Passed Senate without amendment by Unanimous Consent.(consideration: CR S7950)

  10. Dec 19, 2018IntroReferral

    Received in the Senate, read twice.

  11. Dec 19, 2018FloorH38310

    Motion to reconsider laid on the table Agreed to without objection.

  12. Dec 19, 2018FloorH37300

    On motion to suspend the rules and pass the bill Agreed to by recorded vote (2/3 required): 362 - 1 (Roll no. 440). (text: CR H10291-10296)

  13. Dec 19, 2018Floor8000

    Passed/agreed to in House: On motion to suspend the rules and pass the bill Agreed to by recorded vote (2/3 required): 362 - 1 (Roll no. 440).(text: CR H10291-10296)

  14. Dec 19, 2018FloorH30000

    Considered as unfinished business. (consideration: CR H10316-10317)

  15. Dec 19, 2018FloorH37210

    At the conclusion of debate, the chair put the question on the motion to suspend the rules. Mr. Massie objected to the Yea - Nay vote on the grounds that a quorum was not present. Further proceedings on the motion were postponed. The point of no quorum was considered as withdrawn.

  16. Dec 19, 2018FloorH8D000

    DEBATE - The House proceeded with forty minutes of debate on H.R. 7327.

  17. Dec 19, 2018FloorH30000

    Considered under suspension of the rules. (consideration: CR H10291-10297)

  18. Dec 19, 2018FloorH30300

    Mr. Hurd moved to suspend the rules and pass the bill.

  19. Dec 19, 2018IntroReferralH11100

    Referred to the Committee on Oversight and Government Reform, and in addition to the Committee on Homeland Security, for a period to be subsequently determined by the Speaker, in each case for consideration of such provisions as fall within the jurisdiction of the committee concerned.

    Homeland Security Committee
  20. Dec 19, 2018IntroReferralH11100

    Referred to the Committee on Oversight and Government Reform, and in addition to the Committee on Homeland Security, for a period to be subsequently determined by the Speaker, in each case for consideration of such provisions as fall within the jurisdiction of the committee concerned.

    Oversight and Accountability Committee
  21. Dec 19, 2018IntroReferralIntro-H

    Introduced in House

  22. Dec 19, 2018IntroReferral1000

    Introduced in House

Public LawDec 21, 201849

Strengthening and Enhancing Cyber-capabilities by Utilizing Risk Exposure Technology Act or the SECURE Technology Act

TITLE I--DEPARTMENT OF HOMELAND SECURITY INFORMATION SECURITY AND OTHER MATTERS

(Sec. 101) This bill directs the Department of Homeland Security (DHS) to: (1) establish a policy applicable to individuals, organizations, and companies to report security vulnerabilities on DHS information systems; and (2) develop a process to address the mitigation or remediation of the vulnerabilities reported. DHS shall make such policy publicly available and submit a copy to Congress with the required remediation process.

(Sec. 102) DHS shall establish, within the Office of the Chief Information Officer, a bug bounty pilot program to minimize security vulnerabilities.

"Bug bounty program" means a program under which: (1) individuals, organizations, and companies are temporarily authorized to identify and report vulnerabilities of DHS information systems; and (2) eligible individuals, organizations, and companies receive compensation in exchange for such reports.

TITLE II--FEDERAL ACQUISITION SUPPLY CHAIN SECURITY

Federal Acquisition Supply Chain Security Act of 2018

(Sec. 202) This bill establishes a Federal Acquisition Security Council. The council shall: (1) identify and recommend development of supply chain risk management standards, guidelines, and practices for assessing and developing mitigation strategies to address supply chain risks; and (2) develop a strategic plan for addressing supply chain risks posed by the acquisition of certain technology and equipment (covered articles).

(Sec. 203) The bill sets forth standards for executive agencies in assessing supply chain risks and extends to such agencies authorities for mitigating supply chain risks in the procurement of covered articles.

(Sec. 204) The bill adds agency responsibilities relating to assessing and avoiding, mitigating, transferring, or accepting supply chain risks and complying with exclusion and removal orders.

Introduced in HouseDec 19, 2018

Strengthening and Enhancing Cyber-capabilities by Utilizing Risk Exposure Technology Act or the SECURE Technology Act

This bill directs the Department of Homeland Security (DHS) to:

  • establish a policy applicable to individuals, organizations, and companies to report security vulnerabilities on DHS information systems;
  • develop a process to address the mitigation or remediation of the vulnerabilities reported; and
  • establish, within the Office of the Chief Information Officer, a bug bounty pilot program to minimize such vulnerabilities.

Federal Acquisition Supply Chain Security Act of 2018

This bill establishes a Federal Acquisition Security Council. The council shall: (1) identify and recommend development of supply chain risk management standards, guidelines, and practices for assessing and developing mitigation strategies to address supply chain risks; and (2) develop a strategic plan for addressing supply chain risks posed by the acquisition of certain technology and equipment (covered articles).

The bill sets forth standards for executive agencies in assessing supply chain risks and extends to such agencies authorities for mitigating supply chain risks in the procurement of covered articles.

Strengthening and Enhancing Cyber-capabilities by Utilizing Risk Exposure Technology Act — Informed