A Congressional Budget Office report says a requirement to replace or update information systems within a year under the Federal Cybersecurity Enhancement Act of 2015 would cost the government “hundreds of millions of dollars” over a five-year period ending in 2020.
CBO also estimates that there would be significant costs associated with the need to remove a federal agency’s ability to secure a waiver on some of the requirements of the Senate bill, the agency said Friday.
Under the legislation, the Department of Homeland Security would be required to deploy systems that work to detect and prevent cyber threats in government networks and other digital infrastructures.
The bill would also direct agencies to implement the tools, data encryption and other capabilities within one year in order to safeguard their information systems from potential cyber attacks.
“[The bill] would not increase net direct spending or on-budget deficits in any of the four consecutive 10-year periods beginning in 2026,” CBO also noted.