The Senate Monday evening passed by voice vote a bill that would modernize the federal information security system by strengthening oversight and clarifying roles and responsibilities.
The Federal Information Security Modernization Act (FISMA) of 2014 (S. 2521) clarifies that the White House Office of Management and Budget is responsible for FISMA oversight and enhances the role of agency chief information officers to strengthen accountability within departments. The bill passed the Senate Homeland Security Committee in June (Defense Daily, June 25).
“This bill will modernize our outdated federal network security laws, provide the tools and authorities needed to improve security at our federal agencies, and increase transparency and accountability for data breaches at federal agencies,” Sen. Tom Carper (D-Del.), chairman of the Senate Homeland Security Committee, said in a statement. “On top of that, it allows taxpayer dollars to be better spent on improving network security by reducing unnecessary and burdensome paper-based reporting.”
Carper and ranking member Sen. Tom Coburn (R-Okla.) introduced the legislation, which still must be approved by the House.
Some of the bill’s provisions include requiring the Department of Homeland Security to ensure the operation of the Federal Information Security Incident Center (FISIC), to develop and oversee implementation of operational directives to agencies to implement OMB standards and guidelines, that agencies notify Congress within seven days of cyber security incidents, directs FISIC to provide agencies with intelligence about cyber threats and vulnerabilities, and requires OMB to create procedures for agencies to follow in the event of a cyber breach when personally identifiable information is disclosed.