Critical Technology Security Centers Act of 2023
Critical Technology Security Centers Act of 2023
This bill directs the Science and Technology Directorate of the Department of Homeland Security, in coordination with the Cybersecurity and Infrastructure Security Agency (CISA), to support the establishment of at least two cybersecurity-focused Critical Technology Security Centers to evaluate and test the security of critical technology.
The centers shall leverage risk-based evaluations to focus on activities that have the greatest effect on the security of the critical technologies within each center's scope.
Each center must establish, in coordination with CISA, coordinated vulnerability disclosure processes. Vulnerabilities discovered by a center must be reported to the National Vulnerability Database of the National Institute of Standards and Technology.
Any center addressing open source software security may award grants to individual open source software developers and maintainers, nonprofit organizations, and other nonfederal entities to fund improvements in the security of the open source software ecosystem. Open source software is defined as software for which the human-readable source code is made available to the public for use, study, re-use, modification, enhancement, and redistribution.
Each center must report to the directorate on a biennial basis. The directorate shall then report to Congress.
Referred to the Subcommittee on Emergency Management and Technology.