On July 31, 2024, the Senate Homeland Security and Governmental Affairs Committee voted 10-1 to advance three bipartisan cybersecurity bills, sending them toward full Senate consideration. One of them targets a complaint every compliance officer knows well: the patchwork of conflicting federal cyber rules. Here is what cleared committee and why it matters to contractors.
1. Streamlining Federal Cybersecurity Regulations Act
Co-sponsored by Chair Gary Peters (D-Mich.) and Sen. James Lankford (R-Okla.), this bill aims to harmonize federal cyber requirements for the private sector — a long-standing industry frustration about overlapping and sometimes contradictory mandates from different agencies.
It would create a committee — including the National Cyber Director, the head of OMB's Office of Information and Regulatory Affairs (OIRA), and the heads of federal regulatory agencies — charged with identifying cyber regulations that are "overly burdensome, inconsistent, or contradictory" and recommending fixes. For contractors juggling FAR/DFARS, agency-specific rules, CISA directives, and sector regulators, harmonization is the holy grail: less duplicated effort, fewer conflicting clocks.
2. Healthcare Cybersecurity Act
From Sens. Jacky Rosen (D-Nev.), Todd Young (R-Ind.), and Angus King (I-Maine), this bill responds to the February 2024 ransomware attack on Change Healthcare, which disrupted payments across much of the U.S. health system. It would direct CISA to collaborate with HHS on health-sector cyber defense, provide resources to non-federal entities, and designate a CISA liaison to HHS to coordinate during cyber events. It is part of a broader federal push on healthcare cyber resilience (see our look at the White House healthcare cybersecurity effort).
3. Federal Cyber Workforce Training Act
From Sens. Mike Rounds (R-S.D.) and Jon Ossoff (D-Ga.), this bill tasks the National Cyber Director with building a centralized training resource for the federal cyber workforce — making it easier to prepare early-career hires and re-skill mid-career staff, leveraging academia to develop curricula.
A Reality Check on "Cleared Committee"
Clearing a committee is an early step, not a law. Bills can stall, change substantially, or die before a floor vote — and many do. Treat this as a signal of direction, not a new obligation. The useful takeaway is *where Congress is pointing*: toward reducing regulatory friction and shoring up health-sector and workforce cyber capacity.
What to Do Now
- Track the harmonization bill. If it becomes law, it could reshape how overlapping cyber rules apply to you — for the better.
- Healthcare contractors: expect continued federal focus on sector cyber resilience; align early. See Healthcare.
- Don't change compliance plans yet. Build to the rules in force today while watching these for movement.
Key Takeaways
- A Senate panel advanced three bipartisan cyber bills on reg harmonization, health security, and workforce.
- The harmonization bill is the one to watch for contractors tired of conflicting mandates.
- Committee passage is an early signal, not a final rule — keep complying with current requirements.
Keep current obligations straight with Find My Requirements, or review the Federal Statutes library.