Bipartisan Senate Bill Promotes Agency Cyberhygiene
New legislation introduced in the Senate seeks to promote cybersecurity within the federal government by requiring agency Inspector General reports on the security practices and software used by agencies.
The bipartisan legislation, the Federal Computer Security Act of 2015, was introduced by Senate Finance Committee Chairman Orrin Hatch (R-UT) and Sen. Tom Carper (D-DE), ranking member of the Senate Homeland Security and Governmental Affairs Committee.
The introduction of the legislation follows major data breaches at federal agencies, including the Internal Revenue Service (IRS), Department of Homeland Security (DHS), and Office of Personnel Management (OPM) where classified and personally identifiable information of employees and taxpayers was stolen by hackers.
“The Federal Computer Security Act of 2015 will shine light on whether our federal agencies are using the most up-to-date security practices and software to safeguard our nation’s most sensitive information,” Sen. Hatch said. “Given the recent federal data breaches, this bill is critical to getting our computer networks in order and to promoting good cyber hygiene across the federal government.”
“The troubling reality is that cyber attacks and intrusions continue to occur at an increasing rate, and federal agencies need to be better prepared,” Sen. Carper said. “This legislation builds on our ongoing efforts to bolster the federal government’s cyber defenses by adding another important layer of oversight to make sure agencies are doing all that they can to protect their critical networks and to ensure that sensitive information is properly secured.
In addition to requiring IG reports on agency security practices, the legislation also directs the Government Accountability Office (GAO) to provide a report, including an economic analysis, of any impediments to agency use of effective security software and security devices.
A section-by-section of the bill can be accessed here.
“To safeguard our government’s most sensitive information, our federal agencies must use the most up-to-date security practices. In order to accomplish this goal, Congress needs a better understanding of the security-related practices and software currently in use by our agencies. Ensuring that agencies and their contractors are using the best security practices, including using only genuine and fully licensed software on their systems, will help strengthen their cybersecurity efforts and keep sensitive information out of the wrong hands,” said Victoria Espinel, President and CEO of BSA, The Software Alliance. “BSA and our member companies look forward to working with Senators Hatch and Carper to continue to improve the security of our government’s computer systems, and this bill represents an important first step to achieving this goal.”
Posted in From the Hill