Bill would set infosec standards

Sen. John Edwards (D-N.C.) introduced a bill Jan. 16 that is designed to better position the federal government to serve as a model in information security.

The Cyber Security Leadership Act (S. 187) would direct the National Institute of Standards and Technology to establish higher standards for federal information security. NIST would develop the standards after agencies performed comprehensive analyses of their networks and systems to discover where weaknesses lie.

These assessments have been required since 2000 under the Government Information Security Reform Act, and the requirement continues under the Federal Information Security Management Act of 2002. However, Edwards expressed concern that agencies continue to receive failing grades in security from Congress and elsewhere.

"These procedures will strengthen our government's resistance to cyberattacks and will demonstrate to the business community the tremendous value in conducting comprehensive security tests and monitoring new developments," Edwards said in a statement on the Senate floor.

The bill was referred to the Senate Governmental Affairs Committee but is not yet available online.

Featured

  • Cybersecurity
    Deputy Secretary of Homeland Security Alejandro Mayorkas  (U.S. Coast Guard photo by Petty Officer 3rd Class Lora Ratliff)

    Mayorkas announces cyber 'sprints' on ransomware, ICS, workforce

    The Homeland Security secretary announced a series of focused efforts to address issues around ransomware, critical infrastructure and the agency's workforce that will all be launched in the coming weeks.

  • IT Modernization
    Blue Signage and logo of the U.S. Department of Veterans Affairs

    VA plans 'strategic review' of $16B software program

    New Veterans Affairs chief Denis McDonough announced a "strategic review" of the agency's Electronic Health Record Modernization program of up to 12 weeks.

Stay Connected