WASHINGTON, D.C. – Senators Rob Portman (R-OH) and Maggie Hassan (D-NH) have introduced the bipartisan Public-Private Cybersecurity Cooperation Act, which would require the Department of Homeland Security (DHS) to establish a cyber-vulnerabilities disclosure program (VDP) so that vulnerabilities in DHS’ cyber systems can be easily reported and fixed. This is a companion bill to legislation sponsored by House Majority Leader Kevin McCarthy (R-CA), the Public-Private Cybersecurity Cooperation Act (H.R.6735,) which passed the House earlier this year.
“At a time when cyber threats are on the rise, the United States government must protect itself. Doing so involves drawing upon the vast expertise of hackers and security experts in our country to identify vulnerabilities and report them to the people in a position to fix those flaws in our systems. This bill complements my work with Senator Hassan on our HACK DHS Act and I look forward to working with her and my colleagues to swiftly enact this common sense, bipartisan proposal,” said Senator Portman.
“This bill encourages ethical hackers to come forward with information they find about vulnerabilities in our government networks by assuring them that if they do, they’ll have protection under the law,” Senator Hassan said. “Senator Portman has been a strong partner in working to strengthen our country’s cybersecurity, including through our work together on the bipartisan Hack DHS Act, and I look forward to continuing to work together to move both of these commonsense bills forward.”
NOTE: The bipartisan Public-Private Cybersecurity Cooperation Act would require DHS to establish a cyber-vulnerabilities disclosure program (VDP) and remediation process for vulnerabilities that are found. A VDP is a procedure that allows security experts to report cybersecurity vulnerabilities to the correct authorities.
Senators Portman and Hassan have worked together to strengthen cybersecurity and prevent against attacks that threaten the safety, privacy, and security of Americans. The bipartisan Portman-Hassan Hack Department of Homeland Security (DHS) Act unanimously passed the Senate earlier this year. The bipartisan bill would establish a bug bounty pilot program – modeled off of similar programs at the Department of Defense and major tech companies – that uses vetted “white-hat” or ethical hackers to help identify unique and undiscovered vulnerabilities in the DHS networks and information technology. The Senators have also introduced the DHS Cyber Incident Response Teams Act in order to help prevent cyberattacks on federal agencies and the private sector. The bill passed favorably out of committee in September. Click here to read a joint op-ed in TIME from Senators Portman and Hassan on their Hack DHS Act. Click here to read a joint op-ed in CNN from Senators Portman and Hassan on their DHS Cyber Incident Response Teams Act and their Hack DHS Act.