[Congressional Bills 117th Congress]
[From the U.S. Government Publishing Office]
[S. 4123 Introduced in Senate (IS)]

<DOC>






117th CONGRESS
  2d Session
                                S. 4123

     To require a report on Federal support of the cybersecurity of 
         commercial satellite systems, and for other purposes.


_______________________________________________________________________


                   IN THE SENATE OF THE UNITED STATES

                              May 2, 2022

  Mr. Ossoff introduced the following bill; which was read twice and 
referred to the Committee on Homeland Security and Governmental Affairs

_______________________________________________________________________

                                 A BILL


 
     To require a report on Federal support of the cybersecurity of 
         commercial satellite systems, and for other purposes.

    Be it enacted by the Senate and House of Representatives of the 
United States of America in Congress assembled,

SECTION 1. SHORT TITLE.

    This Act may be cited as the ``Enhancing Satellite Cybersecurity 
Act''.

SEC. 2. DEFINITION.

    In this Act, the term ``commercial satellite system'' means an 
earth satellite owned and operated by a non-Federal entity.

SEC. 3. REPORT ON COMMERCIAL SATELLITE CYBERSECURITY.

    Not later than 2 years after the date of enactment of this Act, the 
Comptroller General of the United States shall report to Congress on 
the actions the Federal Government has taken to support the 
cybersecurity of commercial satellite systems, which shall include 
information on--
            (1) the extent to which Federal agencies are reliant on 
        commercial satellite systems owned wholly or in part or 
        controlled by foreign entities, and how Federal agencies 
        mitigate associated cybersecurity risks; and
            (2) the extent to which Federal agencies are reliant on 
        commercial satellite systems with physical structures, such as 
        satellite ground control systems, in foreign countries, and how 
        Federal agencies mitigate associated cybersecurity risks.

SEC. 4. RESPONSIBILITIES OF THE CYBERSECURITY AND INFRASTRUCTURE 
              SECURITY AGENCY.

    (a) In General.--The Director of the Cybersecurity and 
Infrastructure Security Agency shall consolidate voluntary 
cybersecurity recommendations designed to assist in the development, 
maintenance, and operation of commercial satellite systems.
    (b) Requirements.--The recommendations consolidated under 
subsection (a) shall include, to the greatest extent practicable, 
materials addressing the following:
            (1) Protection against vulnerabilities posed by ownership 
        of commercial satellite systems or commercial satellite system 
        companies by foreign entities.
            (2) Protection against vulnerabilities posed by locating 
        physical infrastructure, such as satellite ground control 
        systems, in foreign countries.
                                 <all>