119TH CONGRESS
1ST SESSION

H. R. 807

To direct the Secretary of the Treasury to submit a report on coordination in the public and private sectors in responding to ransomware attacks on financial institutions, and for other purposes.

IN THE HOUSE OF REPRESENTATIVES

JANUARY 28, 2025

Mr. NUNN of Iowa (for himself and Mr. GOTTHEIMER) introduced the following bill; which was referred to the Committee on Financial Services

A BILL

To direct the Secretary of the Treasury to submit a report on coordination in the public and private sectors in responding to ransomware attacks on financial institutions, and for other purposes.

Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,

SECTION 1. SHORT TITLE.

This Act may be cited as the ‘‘Public and Private Sector Ransomware Response Coordination Act of 2025’’.

SEC. 2. REPORT ON COORDINATION IN THE PUBLIC AND PRIVATE SECTORS IN RESPONDING TO RANSOMWARE ATTACKS ON FINANCIAL INSTITUTIONS.

(a) IN GENERAL.—Not later than one year after the date of the enactment of this section, the Secretary of the Treasury shall submit to the appropriate congressional committees a report that describes the following:
    (1) The current level of coordination and collaboration between the public and private sectors, including entities in the public and private sectors that manage cybersecurity, in response to, and for the prevention of, a ransomware attack on a financial institution.
    (2) The coordination among relevant governmental agencies in response to, and for the prevention of, a ransomware attack on a financial institution.
    (3) Whether relevant governmental agencies have timely access to relevant information reported by a financial institution following a ransomware attack on the financial institution.
    (4) The utility of such information to any relevant governmental agency in the prevention or investigation of a ransomware attack on a financial institution, or the prosecution of a person responsible for such attack.
    (5) An analysis of reporting requirements applicable to a financial institution with respect to a ransomware attack in relation to the utility to any relevant governmental agency of the reported information in the prevention or investigation of a ransomware attack on a financial institution, or the prosecution of a person responsible for such attack.
    (6) Whether further legislation is required to increase the utility and timely access of such information to any relevant governmental agency following a ransomware attack on a financial institution.
    (7) Any recommended policy initiatives to bolster public-private partnerships, increase incident report sharing, and decrease incident response time.
    (8) The extent to which, and reasons that, financial institutions withhold or delay reporting to relevant governmental agencies information about a ransomware attack.
    (9) Any feedback on the contents of the report received from cybersecurity and ransomware response entities that provide services to financial institutions.
(b) FORM OF REPORT.—The report described in subsection (a) shall be submitted in unclassified form, but may include a classified annex.
(c) BRIEFING.—Not later than 15 months after the date of the enactment of this section, the Secretary of the Treasury shall brief the appropriate congressional committees on the findings of the report described in subsection (a).
(d) DEFINITIONS.—In this section:
    (1) APPROPRIATE CONGRESSIONAL COMMITTEES.—The term ‘‘appropriate congressional committees’’ means—
        (A) the Committee on Financial Services of the House of Representatives;
        (B) the Permanent Select Committee on Intelligence of the House of Representatives;
        (C) the Committee on Banking, Housing, and Urban Affairs of the Senate; and
        (D) the Select Committee on Intelligence of the Senate.
    (2) CYBERSECURITY AND RANSOMWARE INCIDENT RESPONSE ENTITY.—The term ‘‘cybersecurity and ransomware incident response entity’’ means an entity that provides incident responses, managed services, or advisory services that—
        (A) supports investigation and risk management related to ransomware attacks in the public and private sectors;
        (B) strengthens cybersecurity technology in the financial sector; and
        (C) reduces overall cyber risk in the financial sector by assessing the security posture of a financial institution, assisting a financial institution with regulatory compliance, and providing recommendations to a financial institution for recovery after a ransomware attack and prevention of any future attacks.
    (3) FINANCIAL INSTITUTION.—The term ‘‘financial institution’’ has the meaning given that term under section 5312(a) of title 31, United States Code.