H.R. 6443 would require the Department of Homeland Security (DHS) to deploy, operate, and maintain a continuous diagnostics and mitigation (CDM) program to assist federal agencies to improve the cybersecurity of their respective networks and systems. Based on information from DHS, the department already makes available to all federal agencies the capabilities required in the bill; thus, the bill would codify in law current activities.
H.R. 6443 also would require DHS, within 180 days of the bill’s enactment, to develop and submit to the Congress a strategy to carry out the CDM program. Not later than 90 days after developing that strategy, the bill also would require DHS to submit a report to the Congress on the cybersecurity strength of federal networks and systems based on the data collected through the CDM program. Based on the cost of similar activities, CBO estimates that preparing the strategy and report would cost less than $500,000 over the 2019-2023 period; such spending would be subject to the availability of appropriated amounts.
Enacting H.R. 6443 would not affect direct spending or revenues; therefore, pay-as-you-go procedures do not apply.
CBO estimates that enacting H.R. 6443 would not increase net direct spending or on-budget deficits in any of the four consecutive 10-year periods beginning in 2029.
H.R. 6443 contains no intergovernmental or private-sector mandates as defined in the Unfunded Mandates Reform Act.