Cybersecurity Vulnerability Identification and Notification Act of 2019
This bill authorizes the Department of Homeland Security (DHS) to issue a subpoena for the production of information to identify and notify an entity that is put at risk by cybersecurity vulnerabilities.
Specifically, the bill requires the DHS Cybersecurity and Infrastructure Security Agency (CISA) to detect, identify, and receive information about security vulnerabilities relating to critical infrastructure in the information systems and devices of public and private entities. To do this, the bill authorizes CISA, upon identification of a system determined to have such a security vulnerability, to issue a subpoena for the production of information that is necessary to identify and notify the at-risk entity.