Strengthening Cyber Resilience Against State-Sponsored Threats Act

Summary of HR 2659: Strengthening Cyber Resilience Against State-Sponsored Threats Act

Bill Number: HR 2659

Introduced: April 07, 2025

Status: Reported by the Committee on Homeland Security (H. Rept. 119-230)

Sponsor: Andrew Ogles (with cosponsors Andrew R. Garbarino, Mark E. Green, Laurel M. Lee, John R. Moolenaar)

Legislative Actions:

- 2025-08-15: Placed on the Union Calendar, Calendar No. 188

- 2025-08-15: Reported by the Committee on Homeland Security

- 2025-04-09: Ordered to be Reported by Voice Vote

- 2025-04-09: Committee Consideration and Mark-up Session Held

Purpose and Intent

The Strengthening Cyber Resilience Against State-Sponsored Threats Act aims to enhance the security and integrity of the United States' critical infrastructure against cyber threats, particularly those posed by state-sponsored actors from the People's Republic of China (PRC). The bill seeks to establish a coordinated response framework through an interagency task force that will focus on identifying, mitigating, and reporting on cyber threats targeting U.S. infrastructure.

Key Provisions

• Establishment of an Interagency Task Force:
  
  The bill mandates the Secretary of Homeland Security, through the Cybersecurity and Infrastructure Security Agency (CISA), to create an interagency task force. This task force will include representatives from the FBI, the Attorney General's office, and Sector Risk Management Agencies (SRMAs).

• Annual Reporting Requirement:
  
  The task force is required to submit an annual report to Congress over a six-year period. These reports will detail the targeting of U.S. critical infrastructure by PRC state-sponsored cyber actors, providing insights into the evolving threat landscape.

• Focus on Coordination:
  
  The task force aims to improve coordination among federal agencies and enhance collaboration with private sector stakeholders, which own and operate a significant portion of U.S. critical infrastructure.

Background and Need for Legislation

The bill responds to a growing concern regarding the PRC's escalating cyber operations, which have targeted various sectors, including energy, telecommunications, and financial networks. Notable cyber actors like Volt Typhoon have demonstrated the ability to conduct long-term espionage and disrupt critical systems. The fragmented nature of current U.S. responses has been deemed insufficient, necessitating a more unified and proactive approach to cybersecurity.

Impact

• Affected Entities:
  
  The legislation will primarily impact federal agencies involved in cybersecurity, including CISA and the FBI, as well as private sector entities that manage critical infrastructure.

• Enhanced Cybersecurity Measures:
  
  By fostering better information sharing and coordination, the bill aims to strengthen the resilience of U.S. infrastructure against sophisticated cyber threats, ultimately enhancing national security.

Conclusion

HR 2659 represents a significant legislative effort to bolster the United States' defenses against state-sponsored cyber threats, particularly from the PRC. Through the establishment of a dedicated task force and annual reporting, the bill seeks to create a more cohesive and effective response to the evolving challenges in cybersecurity.