WASHINGTON – U.S. Senators John Cornyn (R-TX) and Gary Peters (D-MI) and U.S. Representatives Daniel Webster (FL-11) and Salud Carbajal (CA-24) today introduced their Protecting Investments in Our Ports Act, which would ensure that all applicants for competitive grant funding from the Port Infrastructure Development Program (PIDP) to purchase secure digital infrastructure or software components certify that they have a security plan addressing cyber risks:

“As technology continues to advance and global tensions rise, we must take steps to address the growing threat posed by adversaries looking to access sensitive information or disrupt supply chains at our ports,” said Sen. Cornyn. “This legislation would mitigate the risk of cyber-espionage by foreign countries and help ensure the digital infrastructure and technology at our ports is secure.”

“This commonsense, bipartisan bill would help strengthen our nation’s defenses against cyberattacks by making sure ports have the necessary digital infrastructure and safeguards in place to protect both U.S. national security and supply chains as goods move throughout our waterways,” said Sen. Peters.

“The threats posed by the introduction of new software and digital infrastructure continues to be a huge concern of mine,” said Rep. Webster. “We must ensure that ports continue to keep cybersecurity vulnerabilities in mind to insulate their operations against any potential attacks by those wishing to disrupt our supply chains. This legislation is an important step in doing just that.”

“As we’ve seen over the past few years, our ports are vital to maintaining and operational and fluid supply chain,” said Rep. Carbajal. “Unfortunately, cyber-attacks at our ports are ever increasing and putting our supply chain at risk. I’m happy to support this bill which would strengthen port cyber security and ensure federal funds are going to recipients that safeguard our supply chain and goods.”

Background:

Chinese-made cranes operating at American ports across the country, including several at strategic ports used by the military, have embedded technology that could be used to spy on and disrupt U.S. port operations. The Protecting Investments in our Ports Act would require applicants of the Port Infrastructure Development Program (PIDP) under the Maritime Administration that are acquiring digital infrastructure or a software component to certify that they have an approved National Maritime Transportation Security Plan that addresses cyber risks.

This legislation builds on Sen. Cornyn’s Cranes of Concern at our Ports (CCP) Act, which was signed into law as part of the National Defense Authorization Act for FY24 and requires the federal government to evaluate threats to U.S. ports posed by cranes manufactured in countries of concern, especially those made by China’s Shanghai Zhenhua Heavy Industries Company (ZPMC). The Protecting Investment in Our Ports Act makes sure competitive grant funding from the PIDP is being used to purchase secure infrastructure and provides another layer of checks on security.