On Oct. 5, 2021, Rep. John Katko introduced H.R. 5491 to authorize the director of the Cybersecurity and Infrastructure Security Agency to designate certain elements of critical infrastructure as systemically important. This bill, working off of the Cyberspace Solarium Commission’s recommendation to identify and designate Systemically Important Critical Infrastructure (SICI) for national security, is a step in the right direction, but unfortunately does not include vital provisions related to liability protection and certification standards that would create a game-changing new structure of cybersecurity requirements and benefits. Below is a summary of the two proposals.


The proposed SICI framework has the capacity to improve cybersecurity for our most critical, and often most vulnerable, assets. H.R. 5491, as it currently stands, includes foundational pieces of the Commission’s overall recommendation; however, the more challenging and vital provisions have not been negotiated and included. Congress should pass this bill, and continue to build on the existing voluntary architecture to create a fulsome structure of benefits and burdens for our most critical entities, and ultimately bolster U.S. national security priorities.

*Required as part of a report

Image credit: Gorodenkoff