© Shutterstock
The Quantum Computing Cybersecurity Preparedness Act (HR7535) passed its final legislative hurdle this week after a positive vote in the U.S. House of Representatives, setting out its provisions to enhance national cybersecurity for President Joe Biden to sign into law.
The bill was introduced in the House of Representatives by US Representatives Nancy Mace (R-SC) and Ro Khanna (D-CA). The companion legislation was passed in the Senate by US Sens. Maggie Hassan (D-NH) and Rob Portman (R-OH) contributed. It passed unanimously in the Senate last week.
“Cybersecurity is national security,” Mace said. “After 11 federal agencies were hacked by agents from Russia and China in 2020, we must do everything in our power to strengthen and protect our country’s systems and keep our data safe. Congress will now receive an annual report on the federal government’s strategy for addressing post-quantum cybersecurity threats.”
First and foremost, the legislation will prompt the Office of Management and Budget (OMB) to prioritize the acquisition and migration of federal agencies’ information technology to post-quantum cryptography. This means that authorities would move to secure systems more secure against cryptanalytic attacks by future quantum computers through new cryptographic ciphers to hedge against advances in computing power and other algorithms. No later than a year after the National Institutes of Standards and Technology (NIST) created new post-quantum cryptography standards, OMB must start prioritizing the migration of these systems.
“Quantum computing will bring tremendous advances in computing power, but it will also create new cybersecurity challenges,” Portman said. “I am pleased that the House of Representatives passed our bipartisan legislation requiring the government to inventory its cryptographic systems and determine which are the best at risk from quantum computing, and upgrade those systems accordingly, and urge the President to do so.” to sign it into law soon.”
In addition to the implementation requirements, evaluation and reporting would also play a key role in new mandates. The legislation would require OMB to produce guidance for federal agencies to assess critical systems one year after the NIST standards are announced and to provide Congress annually with a strategy for managing post-quantum cryptography risks, any required funding, and an analysis of the coordination and government migration efforts.
Computer technology continues to advance. This bill represented the legislature’s attempts to save the federal government from being left behind and vulnerable in the process.
