[Congressional Bills 115th Congress]
[From the U.S. Government Publishing Office]
[H.R. 1997 Introduced in House (IH)]

<DOC>






115th CONGRESS
  1st Session
                                H. R. 1997

   To encourage United States-Ukraine cybersecurity cooperation and 
  require a report regarding such cooperation, and for other purposes.


_______________________________________________________________________


                    IN THE HOUSE OF REPRESENTATIVES

                             April 6, 2017

Mr. Brendan F. Boyle of Pennsylvania (for himself and Mr. Fitzpatrick) 
 introduced the following bill; which was referred to the Committee on 
                            Foreign Affairs

_______________________________________________________________________

                                 A BILL


 
   To encourage United States-Ukraine cybersecurity cooperation and 
  require a report regarding such cooperation, and for other purposes.

    Be it enacted by the Senate and House of Representatives of the 
United States of America in Congress assembled,

SECTION 1. SHORT TITLE.

    This Act may be cited as the ``Ukraine Cybersecurity Cooperation 
Act of 2017''.

SEC. 2. FINDINGS.

    Congress finds the following:
            (1) The United States established diplomatic relations with 
        Ukraine in 1992, following its independence from the Soviet 
        Union.
            (2) The United States attaches great importance to the 
        success of Ukraine's transition to a modern democratic country 
        with a flourishing market economy.
            (3) In 2014, days before the Presidential election in 
        Ukraine, there took place a failed attempt to destroy the 
        election system software through a cyber attack.
            (4) In December 2015, Ukrainian power companies experienced 
        unscheduled power outages impacting a large number of customers 
        in Ukraine from a cyber attack.
            (5) In response to cyber attacks in Ukraine, Ukrainian 
        President Petro Poroshenko emphasized the need for a National 
        Cyber Security System declaring that cyberspace has turned into 
        another battlefield 101 for State independence.
            (6) As a result of the December 2015 cyberattack, the 
        United States sent interagency teams that included 
        representatives from the Department of Energy, the Federal 
        Bureau of Investigation, and the North American Electric 
        Reliability Corporation to Ukraine to look into the safety of 
        their infrastructure and to help with investigations. The visit 
        was followed up by another interagency delegation to Ukraine in 
        March 2016, and a May 2016 United States-Ukrainian tabletop 
        exercise on mitigating attacks against Ukraine's 
        infrastructure.
            (7) As noted by former Deputy Secretary of Commerce, Bruce 
        Andrews, ``Cybersecurity is a perfect example of a sector in 
        which we can work together to increase national and economic 
        security, create jobs, and provide mutual prosperity for both 
        our economies. Together I am confident that we can provide 
        leadership to enhance cybersecurity capabilities across Central 
        and Southeast Europe.''.

SEC. 3. STATEMENT OF POLICY.

    It is the policy of the United States to--
            (1) reaffirm the commitment of the United States to the 
        United States-Ukraine Charter on Strategic Partnership, which 
        highlights the importance of the bilateral relationship and 
        outlines enhanced cooperation in the areas of defense, 
        security, economics and trade, energy security, democracy, and 
        cultural exchanges;
            (2) reaffirm the commitment of the United States to support 
        cooperation between the North Atlantic Treaty Organization 
        (NATO) and Ukraine;
            (3) reaffirm the commitment of the United States to provide 
        financial, economic, and technical assistance to Ukraine to 
        achieve its goals for the Ukrainian Government to make progress 
        on reforms and anticorruption initiatives;
            (4) reaffirm the commitment of the United States to the 
        Budapest Memorandum on security assurances; and
            (5) assist the Ukrainian Government to improve its 
        cybersecurity strategy.

SEC. 4. UNITED STATES ACTIONS TO ASSIST UKRAINE TO IMPROVE ITS 
              CYBERSECURITY AND PROTECT AMERICAN INTERESTS.

    (a) Sense of Congress.--It is the sense of Congress that the 
Secretary of State should take the following actions, commensurate with 
United States interests, to assist Ukraine to improve its 
cybersecurity:
            (1) Provide Ukraine such support as may be necessary to 
        increase most advanced security protection on government 
        computers, particularly such systems that defend the critical 
        infrastructure of Ukraine.
            (2) Provide Ukraine support in reducing reliance on Russian 
        technology.
            (3) Assist Ukraine to build capacity, expand cybersecurity 
        information sharing, and cooperate in international response 
        efforts.
    (b) Report on Ukraine's Cybersecurity.--Not later than 180 days 
after the date of the enactment of this Act, the Secretary of State 
shall submit to the Committee on Foreign Affairs of the House of 
Representatives and the Committee on Foreign Relations of the Senate a 
report on the status of United States cybersecurity cooperation with 
Ukraine to seek new areas for collaboration and assistance, as well as 
pursue cooperation with regional partners and organizations to address 
shared cyber challenges. Such report shall also include information 
relating to the following:
            (1) An update on the U.S. Department of Energy's efforts to 
        establish a United States-Ukraine Stakeholder Working Group as 
        an element of their work with Ukraine to develop a Ukrainian 
        Cyber Security Program.
            (2) An assessment capability to establish joint United 
        States and Ukrainian participation to--
                    (A) conduct cybersecurity assessments of existing 
                Ukrainian Government, military, critical 
                infrastructure, and banking systems in order to 
                identify critical vulnerabilities;
                    (B) recommend mitigation strategies relating to 
                such assessments;
                    (C) combat cybercrime, including through training 
                workshops and joint tabletop exercises covering 
                priority cybersecurity scenarios; and
                    (D) establish an information security awareness 
                program.
            (3) An update of progress on NATO's agreement to establish 
        an Incident Management Center to monitor cyber security events 
        and laboratories to investigate cybersecurity incidents.
                                 <all>