Bipartisan Senate bill takes aim at ‘overly burdensome’ cybersecurity regs

The Streamlining Federal Cybersecurity Regulations Act would establish an interagency committee to recommend which cyber regulations to lessen or waive.
Sen. Gary Peters, D-Mich., speaks during a Senate Homeland Security and Governmental Affairs Committee hearing on March 25, 2021 on Capitol Hill in Washington, D.C. (Photo by Astrid Riecken/Getty Images)

New legislation from a bipartisan pair of senators would create an interagency committee tasked with streamlining the country’s patchwork system of cybersecurity regulations if signed into law.

The Streamlining Federal Cybersecurity Regulations Act from Sens. Gary Peters, D-Mich., and James Lankford, R-Okla., calls on the White House’s national cyber director to create a committee that would harmonize the myriad cyber requirements imposed on companies by federal regulatory agencies, according to bill text shared with CyberScoop.

The introduction of the bill comes a month after a Senate hearing in which Nicholas Leiserson, the assistant national cyber director for cyber policy and programs, warned lawmakers of increasing “fragmentation” of cybersecurity regulations. “It is a problem that requires leadership from ONCD and Congress informed by the private sector,” he said.

Peters and Lankford both acknowledged the problem during the hearing, with the Michigan Democrat teasing the bill’s release — a draft copy of which was previously obtained by The Record — and the Oklahoma Republican railing against rulemaking from independent agencies.


“There are independent agencies that feel like they’re independent from everybody. They’re not independent from everybody,” Lankford said at the time. “There’s still some boundaries that need to be there when they’re creating new regs, that they’re not a completely independent fourth branch of government.”

The lawmakers’ bill addresses many of the concerns raised during June’s hearing. The committee would be responsible for identifying “overly burdensome, inconsistent, or contradictory” cybersecurity requirements and recommending updates to them, while establishing minimum standards and reciprocity among agencies. 

The committee would include the national cyber director, the chief of the Office of Management and Budget’s Office of Information and Regulatory Affairs, the heads of each federal regulatory agency and other government leaders  determined by the chair. 

Other elements of the bill include a pilot program to implement the new framework after consulting with various sector risk management agencies and an annual report on the committee’s work to the Senate Homeland Security and House Oversight and Accountability committees, among others with relevant jurisdiction.

Matt Bracken

Written by Matt Bracken

Matt Bracken is the managing editor of FedScoop and CyberScoop, overseeing coverage of federal government technology policy and cybersecurity. Before joining Scoop News Group in 2023, Matt was a senior editor at Morning Consult, leading data-driven coverage of tech, finance, health and energy. He previously worked in various editorial roles at The Baltimore Sun and the Arizona Daily Star. You can reach him at

Latest Podcasts