Rep. Mike Gallagher (R-WI) and Rep. Abigail Spanberger (D-VA) have introduced a bipartisan bill intended to fortify the defense of critical infrastructure sectors from cyber attackers.Under the National Risk Management Act of 2023, the Secretary of Homeland Security would be required to establish a National Risk Management Cycle in consultation with Sector Risk Management Agencies, critical infrastructure owners and operators, the Assistant to the President for National Security Affairs, the Assistant to the President for Homeland Security, and the National Cyber Director.The recurring process would identify risks to critical infrastructure and the associated likelihoods, vulnerabilities, and consequences of each identified risk, the bill's sponsors said.
Key Elements: National Risk Management Act of 2023
Here are some key elements of the measure:- Within six months of the bill’s passage, the Secretary is tasked with submitting a report to the President, the Committee on Homeland Security and Governmental Affairs of the Senate, and the Committee of Homeland Security of the House, on the risks of cybersecurity threats and physical threats based on the recurring process of national risk management.
- No later than one year after the Secretary delivers the report, the President is to deliver to Congress, Homeland Security and Congressional Homeland Security committees a national critical infrastructure resilience strategy to address the risks to the nation.
- Not later than one year after the President delivers the report and each subsequent year, the Secretary will update various security committees and agencies on national risk management process activities and the amounts and timeline for funding to address cybersecurity and physical threats.




