U.S. Senators Rob Portman and Gary Peters have introduced the bipartisan Risk-Informed Spending for Cybersecurity (RISC) Act. The bill would require the federal government to make better investments in cybersecurity protections to keep Americans’ data safe.

The legislation requires federal agencies to allocate limited cybersecurity resources to acquire capabilities that address the most pressing cyber threats.

In June 2019, Senator Portman, as Chairman of the Permanent Subcommittee on Investigations, released a bipartisan report. It found that the vast majority of agencies reviewed by the Subcommittee failed to implement effective and comprehensive cybersecurity frameworks.

This included the failure to protect sensitive personally identifiable information and an overreliance on outdated legacy systems.

Senator Portman added: “It is crucial that federal agencies know the return on investment for each cybersecurity capability acquired and whether those capabilities address existing security vulnerabilities. This bipartisan legislation will help give federal agencies the information they need to make informed decisions about their cybersecurity budgets.”