Sens. Gary Peters, D-Mich., and Rob Portman, R-Ohio, have introduced legislation to add provisions to the Federal Information Security Management Act that would help ensure transparency in agencies’ sharing of information on data breaches. Peters is a ranking member of the Committee on Homeland Security and Governmental Affairs.
The Senate panel said Friday the Federal System Incident Response Act would mandate agencies to share incident data with the Cybersecurity and Infrastructure Security Agency (CISA) and the Office of Management and Budget (OMB) to “ensure that attacks against one agency can be compared to other agency incidents."
CISA must also submit an annual report containing details on federal cybersecurity incidents as well as OMB-provided templates and guidance to help the public and private sectors fortify their security postures.
The bill comes in response to the Government Accountability Office's (GAO) report stating that agencies must urgently address threats to federal systems.
“Our federal information systems are subjected to persistent cyber-attacks that pose a significant national security threat, and our government is not currently prepared to effectivity respond to them,” said Peters.
“This bipartisan bill takes important steps to better coordinate our government’s response to breaches and quickly inform the American people if their information has been compromised,” noted Portman.
