Report: New law would order federal officials to develop cybersecurity risk management practices

A bill put forth this week in the United States Senate would mandate that federal officials develop a risk management strategy to counteract cybersecurity threats from hostile foreign powers. 

The National Risk Management Act, introduced by U.S. Sens. Ben Sasse and Maggie Hassan, would order officials with the Cybersecurity and Infrastructure Security Agency to "conduct a five-year national risk management cycle" in order to assess major cybersecurity risks, The Hill reported on Friday. 

“When a criminal shuts down a hospital system to get a ransomware payment or a foreign adversary hacks government agencies, we face grave threats to our national security and well-being,” Hassan told The Hill in a statement. 

The bill would further require the sitting U.S. president to explain to Congress how his administration was addressing the cybersecurity threats revealed by the CISA review. 

The bill comes after several high-profile cyberattacks targeted at U.S. digital infrastructure over the past year, including reportedly from Russian intelligence agents.