DHS Industrial Control Systems Capabilities Enhancement Act of 2021
This bill requires the Cybersecurity and Infrastructure Security Agency (CISA) to maintain certain capabilities to identify and address threats to industrial control systems.
Specifically, the bill requires CISA's National Cybersecurity and Communications Integration Center to ensure that its activities address the security of both information and operational technology, including industrial control systems.
Additionally, CISA must maintain capabilities to identify and address threats and vulnerabilities to products and technologies intended for use in the automated control of critical infrastructure processes by (1) leading efforts to identify and mitigate cybersecurity threats to industrial control systems; (2) maintaining threat hunting and incident response capabilities to respond to cybersecurity risks and incidents; (3) providing cybersecurity technical assistance to stakeholders; and (4) collecting, coordinating, and providing vulnerability information to the industrial control systems community.
CISA shall provide to the homeland security committees a briefing on its industrial control systems capabilities at specified intervals.
The Government Accountability Office must review and report on implementation of the bill's requirements.