WASHINGTON – The Homeland Security and Governmental Affairs Committee gave final approval Tuesday to several pieces of good government and homeland security legislation, including the Federal Information Security Management Act (S.3474) to strengthen the federal government’s ability to protect against cyber attacks and vulnerabilities. The Committee also passed the Information Technology Investment Oversight Enhancement and Waste Prevention Act (S.3384) to strengthen government-wide oversight of information technology investments, which accounts for $71 billion of the federal budget.
Two important homeland security bills also cleared the Committee. They were the Nuclear Forensics and Attribution Act (H.R. 2631) to help identify the source of confiscated or exploded nuclear materials and the Homeland Security Open Source Information Enhancement Act (H.R. 3815) to encourage the Department of Homeland Security to make better use of open source information. The Committee approved five other pieces of legislation, three nominees, and four postal naming bills.
“Recent reports of foreign governments hacking into federal systems remind us that the federal government is not doing enough to guarantee the security of its computer systems and the vast databases within them,” said Committee Chairman Joe Lieberman, ID-Conn. “Protecting federal computer systems and the systems that support critical infrastructures has never been more important. This legislation will help safeguard those systems and standardize information security measures across the government.”
Ranking Member Susan Collins, R-Maine, said: “The Information Technology Investment Oversight Enhancement and Waste Prevention Act will go far toward addressing weaknesses in federal information technology procurement identified by the GAO and will reduce the risks that these important projects drag on far beyond deadlines, fail to deliver intended capabilities, or waste taxpayers’ money. Our government and our citizens will benefit from the change.”
Legislation reported out of the Committee includes:
• S. 3474, Federal Information Security Management Act (FISMA) Reform:
Introduced by Senators Tom Carper, D-Del., and Lieberman and co-sponsored by Senators Collins and Norm Coleman, R-Minn., would amend FISMA to, among other things, create a Chief Information Security Officer Council to establish information security best practices and guidelines; require DHS to conduct “red team” penetration tests against civilian agencies based upon known attacks and vulnerabilities; and help standardize information security measures.
• S. 3384, Information Technology Investment Oversight Enhancement and Waste Prevention Act of 2008: Introduced by Senators Carper and Collins and cosponsored by Senators Lieberman, Coleman, Claire McCaskill, D-Mo., and George Voinovich, R-Ohio, this bill would help improve IT project planning, avoid problems in project execution, provide early alerts when problems arise, and promote prompt corrective action. It would require each agency to provide independent cost estimates and regular progress reports to the agency Chief Information Officer and submit two annual reports to Congress on improving the IT acquisitions process and the goals and costs of all major IT investment projects.
• H.R. 2631, Nuclear Forensics and Attribution Act: Would create a National Nuclear Forensics Expertise Development Program, authorize funding for research and development to improve attribution techniques, and establish the National Technical Nuclear Forensics Center within the Domestic Nuclear Detection Office to coordinate the activities of agencies with lead responsibilities for this mission.
• H.R. 3815, Homeland Security Open Source Information Enhancement Act of 2007: Would require the Secretary of Homeland Security to ensure that Department of Homeland security components responsible for information sharing and infrastructure protection make full and efficient use of open source information to develop and disseminate open source products.
The Committee also approved:
• H.R. 6098, Personnel Reimbursement for Intelligence Cooperation and Enhancement of Homeland Security Act
• H.R. 3815, Homeland Security Open Source Information Enhancement Act of 2007
• H.R. 6073, To provide that Federal employees receiving their pay by electronic funds transfer shall be given the option of receiving their pay stubs electronically
• S. 3350, A bill to provide that claims of the U.S. to certain documents relating to Franklin Delano Roosevelt shall be treated as waived and relinquished in certain circumstances
• S. 3477, Presidential Historical Records Preservation Act of 2008
• An original bill to establish a controlled unclassified information framework
The Committee approved the following nominations:
• Ruth Y. Goldway to be a Commissioner of the Postal Regulatory Commission
• Carol W. Pope and Thomas M. Beck to be members of the Federal Labor Relations Authority