
House approves FISMA reform

Legislative reform of federal cybersecurity practices came yet another step closer to reality May 28 with House passage of the fiscal 2011 national defense authorization bill, which includes an amendment to overhaul the Federal Information Security Management Act.

Representatives approved the amendment, offered by Reps. Diane Watson (R-Calif.) and James Langevin (D-R.I.) as part of a bloc of legislative proposals. The authorization bill itself passed on a 229 to 186 roll call vote; it now faces reconciliation with the Senate version, which has yet to be considered on the Senate floor but which did pass through the Senate Armed Services Committee on Friday.

The amendment would require the White House to institute a familiar set of called-for reforms; it includes elements from H.R. 4900, sponsored by Watson, and H.R. 5247, sponsored by Langevin.

Among its provisions is the establishment of a presidentially appointed, Senate-confirmed director of a national office for cyberspace within the executive office of the president. The director, together with a federal cybersecurity practice board, would be responsible for developing and updating federal cybersecurity practices. The Defense Department and the CIA would be exempt from the director's oversight.

The director would also review proposed agency cybersecurity funding for the following fiscal year before agencies send their spending plans to the Office of Management and Budget. The director could only offer non-binding suggestions, however.

Agencies would be required to have automated and continuous monitoring of their networks and would annually undergo an independent audit of their information security program.

Contractors and subcontractors supporting information technology systems or an "information infrastructure" for a federal agency would also be subject to yearly independent audits.

Federal agencies, including the Defense Department, would also be required to embed into contracts cybersecurity standards to be developed by the national cyberspace director, the National Institute of Standards and Technology and the General Services Administration.

The amendment would also legislatively establish the office of chief technology officer within the White House, giving the CTO his own office. The position would not require Senate confirmation; Aneesh Chopra, the current federal CTO, works within the White House Office of Science and Technology Policy but he was confirmed by the Senate.

For more:
- see the amendment (.pdf) to the House fiscal 2011 defense authorization bill
- see statements from Reps. Watson and Langevin
