Rep. Subramanyam Introduces Bill to Protect Federal Government Data
WASHINGTON, DC – U.S. Representatives Suhas Subramanyam (D-VA) and Richard McCormick (R-GA) introduced the National Defense Data Resilience Act to ensure that – as cyber capabilities around the world continue to advance – the United States has enforceable data recovery standards across the federal government in the event of a digital attack from an adversary. It is essential to have Recovery Time Objectives (RTOs) in place, which are the maximum time allowed to restore critical systems and data in the event of a cyber incident.
“Cyber warfare is a growing threat, and our federal government should be prepared. Without this bill, we are leaving the safety and security of our nation vulnerable instead of maintaining necessary technological advancements. Now more than ever, we need to do everything we can to prevent the threats we know are coming from our adversaries,” said Rep. Suhas Subramanyam.
“Having a strong national defense starts with protecting the data our military relies on every day. When vital information is lost or disrupted, missions and readiness can be put at risk,” said Congressman McCormick. "This bill takes an important step toward ensuring we can quickly restore critical systems by strengthening the way we safeguard and recover essential data. By building a more resilient defense infrastructure, we keep our servicemembers prepared for whatever they face next.”
Data recovery is now a mission assurance requirement. The National Defense Data Resilience Act recognizes that restoring critical defense data quickly and securely after a cyberattack is essential to readiness, deterrence, and American cyber power, said Cory Simpson, CEO of the Institute for Critical Infrastructure Technology.
The National Defense Data Resilience Act establishes mandatory RTOs for different thresholds of data across federal agencies, including the Pentagon, and establishes data recovery capability requirements for the data. The bill also requires the Secretary to submit a data recovery strategy for the Department of Defense.