Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

House panels OK cybersecurity bills on FISMA, critical infrastructure security

The legislation would retain authority of FISMA implementation with the OMB, putting the bill at odds with proposed measures by the White House and Senate
The legislation would retain authority of FISMA implementation with the OMB, putting the bill at odds with proposed measures by the White House and Senate

The House Oversight and Government Report Committee passed the Federal Information Security Amendments Act (HR 4257), which would overhaul the 10-year-old Federal Information Security Management Act (FISMA).

The bill would establish a mechanism for stronger oversight of federal IT system security through automated and continuous monitoring of cybersecurity threats and regular threat assessments.

It would also mandate the establishment of baseline security controls for federal agencies and provide agencies more authority to make decisions about off-the-shelf security products in their respective IT systems.

The legislation would retain authority of FISMA implementation with the Office of Management and Budget, putting the bill at odds with the White House’s comprehensive cybersecurity proposal and the Senate leadership-supported Cybersecurity Act, which would transfer authority to the Department of Homeland Security (DHS).

In addition, the House Homeland Security Committee approved an amended version of the Promoting and Enhancing Cybersecurity and Information Sharing Act (PRECISE Act), HR 3674.

The bill as passed by the cybersecurity subcommittee would encourage critical infrastructure companies to adopt cybersecurity best practices and would have given the DHS responsibility for safeguarding critical infrastructure cybersecurity.

However, the full committee stripped out the provision giving the DHS authority over the security of private sector-operated critical infrastructure, according to the Federal Times.
 

What’s Hot on Infosecurity Magazine?