U.S. Senators Rob Portman (R-OH) and Gary Peters (D-MI) recently introduced a bipartisan bill that would increase transparency and modernize how the government responds to cybersecurity incidents on federal information systems.
In June 2019, Senator Portman, as Chairman of the Permanent Subcommittee on Investigations, released a bipartisan report that found that the vast majority of agencies reviewed by the Subcommittee failed to implement effective and comprehensive cybersecurity frameworks as required by the Federal Information Security Modernization Act (FISMA).
The Federal System Incident Response Act will update and add critical new sections to FISMA, increasing transparency by clarifying how and when agencies must notify impacted individuals and Congress when data breaches occur.
The bill would also require agencies to share information about cybersecurity incidents with the Office of Management and Budget (OMB) and the Cybersecurity and Infrastructure Security Agency (CISA) to ensure that attacks against one agency can be compared to other agency incidents.
With this information, CISA will produce an annual report on federal incidents to help federal and private sector cybersecurity professionals understand the most common and dangerous threats, bolstering their cyber defenses.
Finally, to streamline operations, the bill would require the OMB director to develop guidance and templates for agencies, standardizing processes and reducing the cost and time to share this critical information.
“This bipartisan bill takes important steps to better coordinate our government’s response to breaches and quickly inform the American people if their information has been compromised,” said Senator Portman.