[Congressional Bills 116th Congress]
[From the U.S. Government Publishing Office]
[H.R. 8223 Introduced in House (IH)]

<DOC>






116th CONGRESS
  2d Session
                                H. R. 8223

   To amend the Homeland Security Act of 2002 promote evidence-based 
    controls for defending against common cybersecurity threats and 
              cybersecurity risks, and for other purposes.


_______________________________________________________________________


                    IN THE HOUSE OF REPRESENTATIVES

                           September 11, 2020

Mr. Katko (for himself, Mr. Langevin, Ms. Eshoo, Miss Rice of New York, 
and Mr. Gallagher) introduced the following bill; which was referred to 
                   the Committee on Homeland Security

_______________________________________________________________________

                                 A BILL


 
   To amend the Homeland Security Act of 2002 promote evidence-based 
    controls for defending against common cybersecurity threats and 
              cybersecurity risks, and for other purposes.

    Be it enacted by the Senate and House of Representatives of the 
United States of America in Congress assembled,

SECTION 1. SHORT TITLE.

    This Act may be cited as the ``Cyber Essentials Act''.

SEC. 2. EVIDENCE-BASED CONTROLS FOR DEFENDING AGAINST COMMON 
              CYBERSECURITY THREATS AND CYBERSECURITY RISKS.

    (a) In General.--Subsection (b) of section 2203 of the Homeland 
Security Act of 2002 (6 U.S.C. 653) is amended--
            (1) in paragraph (3), by striking ``and'' after the 
        semicolon at the end;
            (2) by redesignating paragraph (4) as paragraph (5); and
            (3) by inserting after paragraph (3) the following new 
        paragraph:
            ``(4) in consultation with the National Institute of 
        Standards and Technology, develop, publish, and update as 
        necessary guidelines and processes for a national audience 
        regarding usable evidence-based controls that have the most 
        impact in defending against common cybersecurity threats and 
        cybersecurity risks; and''.
    (b) Restriction.--Chapter 35 of title 44, United States Code 
(commonly known as the ``Paperwork Reduction Act'') shall not apply to 
any action to implement the amendments made by this Act.
                                 <all>