Skip to main content

Rep. Mace Co-Sponsors Bipartisan Legislation to Strengthen VA Cybersecurity

March 30, 2022

Washington, D.C. – Today Rep. Nancy Mace (R-S.C.) along with Chairman of the House Committee on Veterans’ Affairs’ Subcommittee on Technology Modernization Rep. Frank J. Mrvan (D-IN), Rep. Susie Lee (D-NV), and Rep. Andrew Garbarino (R-NY), introduced the bipartisan Strengthening VA Cybersecurity (SVAC) Act of 2022. The purpose of this legislation is to strengthen cybersecurity at the Department of Veterans Affairs (VA) and protect information technology systems and devices used at VA.

Specifically, the SVAC Act of 2022 requires VA to obtain an independent cybersecurity assessment of its most critical information systems, as well as its cybersecurity posture as a whole.  It also requires VA to develop a timeline and budget to fix any weaknesses and deficiencies identified by the report.  

A companion measure has been introduced in the Senate by U.S. Senators Jacky Rosen (D-NV) and Marsha Blackburn (R-TN).

“Given Russia’s recent aggression and invasion of Ukraine, it is more important than ever that we shore up America’s critical cybersecurity, including proactively protecting the healthcare of our veterans against possible cyber attacks from Russia,” said Rep. Nancy Mace.

Chairman Mrvan stated,“According to VA officials, in 2020, regrettably 46,000 veterans had their personal information compromised after hackers breached VA’s computer systems.  This is unacceptable, and action must be taken to improve VA’s cybersecurity.  This legislation will move us in the right direction to give VA the tools it needs to effectively protect against new and emerging cybersecurity threats and safeguard our veterans’ personal information.  I appreciate the close working relationship of my colleagues Rep. Nancy Mace, Rep. Susie Lee, and Rep. Andrew Garbarino, and look forward to continuing to collaborate with you to move this commonsense and bipartisan legislation forward.”

“VA is the largest integrated health care network in the United States that provides care and benefits to millions of veterans. As a result, VA retains, transfers, and processes massive amounts of sensitive information,”said Congresswoman Susie Lee, who served as Chair of the Subcommittee on Technology Modernization in the 116th Congress. “However, despite spending more on IT overall, VA spends less on cybersecurity than most other agencies, leaving veterans' sensitive information vulnerable to cyber crime. This bipartisan bill is a simple fix that will help strengthen VA’s cybersecurity and protect veterans’ information.”

“As Ranking Member of the Cybersecurity, Infrastructure Protection, and Innovation Subcommittee, I’m highly concerned by the rising threat of cyberattacks and have been working closely with public and private stakeholders to ensure Americans are prepared to protect themselves online,”said Rep. Garbarino. “Veterans’ personal information can be appealing targets for foreign adversaries and cyber criminals, making it essential for the VA to engage in long overdue system upgrades and take proactive steps to mitigate cyber threats. I’m proud to co-sponsor this bill to assess and improve the VA’s cyber preparedness.”

SVAC Act of 2022 will:

Protect against advanced cybersecurity threats, ransomware, denial of service attacks, insider threats, threats from foreign actors, phishing, credential theft and other cyber threats;

  • Ensure that the entire Department’s IT is covered—including on-premises, remote, cloud-based, and mobile information systems and devices used by, or in support of, Department activities;
  • Require the Secretary to submit a detailed report and plan of implementation to Congress within 120 days of the independent assessment; and
  • Require the GAO to review VA’s plan and evaluate if the cost estimates and timelines are realistic.

For additional information on this legislation, clickhere.

###

 

How Are We Doing?