House passes FISMA update, cyber training bills
Three bills now move to the Senate, where Homeland Security Chairman Carper will determine that chamber's strategy for cyber legislation.
Three bills now move to the Senate, where Homeland Security Chairman Carper will determine that chamber's strategy for cyber legislation.
Security standards for federal computer networks would get a spring cleaning under a bill passed by the House on April 16.
The Federal Information Security Amendments Act of 2013 updates the Federal Information Security Management Act of 2002 and makes the director of the Office and Management and Budget responsible for overseeing the security of government information systems.
The bill also requires agencies to comply with computer security standards developed by the National Institute of Standards and Technology, and requires each agency to develop and implement security programs under the direction of its CIO. Furthermore, the legislation stipulates that senior federal managers be graded on IT security as part of their annual performance evaluations.
Rep. Darrell Issa (R-Calif.), who sponsored the legislation as chairman of the House Oversight and Government Reform Committee, said the FISMA update will improve the nation’s cyber defense posture. It addresses “the shortcomings of FISMA by incorporating recent technological innovations. It will also enhance and strengthen the current framework that protects federal information technology systems,” Issa said in an emailed statement.
The bill had strong bipartisan support. Ranking member Rep. Elijah Cummings (D-Md.) and Rep. Gerry Connolly (D-Va.) co-sponsored the bill, which passed the full House by a vote of 416-0.
The House passed two other IT bills in the same session with near-unanimous support under a suspension of House rules, which require two-thirds majority for passage.
The Cybersecurity Enhancement Act of 2013 seeks to improve the cyber workforce through research grants and strategic planning. It also requires the executive branch to take stock of the current cyber workforce and plan to train and deploy the cyber workforce of the future. The bill instructs OMB to develop a comprehensive cloud computing strategy that includes the security of data stored on cloud-based servers and the security of the physical equipment.
The High-Performance Computing Act of 1991 was amended under the Advancing America's Networking and Information Technology Research and Development Act. It would update the Networking and Information Technology Research and Development program to reflect technological developments and account for shifts in priorities. Among other things, the update includes new research on big data, visualization and human/computer interaction.
All three measures now go to the Senate. In the previous Congress, the Senate Homeland Security and Governmental Affairs Committee tried and failed to pass comprehensive cybersecurity legislation. It is not clear whether new chairman Sen. Tom Carper (D-Del.) plans to take up these individual bills or will seek a broader legislative package.
The cyber-focused action on the House floor followed several votes on federal workforce and contracting issues on April 15. A bill that would make government employees with serious tax delinquencies ineligible for federal employment failed to advance. However, the House overwhelmingly passed the Contracting and Tax Accountability Act of 2013, under which individuals and firms seeking to contract with the government would have to declare that they are not burdened by seriously delinquent tax bills.