A bipartisan group of senators looking to strengthen the Department of Homeland Security’s ability to intercede at agencies with weak cybersecurity introduced the Federal Information Security Management Reform Act (FISMA Reform) on Wednesday.
Advertisement
The bill would essentially revise the Federal Information Security Management Act of 2002 again. As the government has disclosed, the cyber attack on the Office of Personnel Management (OPM) compromised the personal information of more than 21 million federal employees, contractors, and legislative leaders. Currently, each agency monitors its own networks and then requests help from the DHS if it feels it needs it. The measure also would direct the DHS to conduct risk assessments of any network within the government domain. DHS also can not regularly deploy countermeasures to block malware without permission as well.
The bill is sponsored by Republican Sens. Mark Warner of Virginia, Barbara Mikulski of Maryland and Claire McCaskill of Missouri.
But legislation won’t solve all the problems, Warner said. “Every agency has got the reason why they in particular can’t comply”.
While the Department of Homeland Security is already charged with protecing the.gov domain name, it has limited authority at this time, according to the legislators.
“The attack on OPM has been a painful illustration of just how behind-the-curve some of our federal agencies have been when it comes to cybersecurity”, said Sen.
“The recent cyberattack at OPM affected a staggering number of Americans and exposed a tremendous vulnerability with the status quo in the defense of federal civilian networks”. She had made data of 22 million Americans vulnerable.
Advertisement
Sen. Susan Collins, R-Maine, a bill co-sponsor, called the legislation “crucial to securing our government systems and helping to prevent future, potentially devastating cyber attacks against our nation”.
