Congress Passes Bill to Address Cyber Attacks on Federal Agencies

WASHINGTON- Today, the House of Representatives passed critical legislation that would help federal agencies thwart cyber attacks. The bill, which updates a 12-year-old law to meet the federal government’s current cybersecurity needs, establishes real-time monitoring of federal computer networks, and enhances oversight of federal data breaches, now heads to the President’s desk to be signed into law.

The Federal Information Security Modernization Act of 2014, introduced by Senate Homeland Security and Governmental Affairs Committee Chairman Tom Carper (D-Del.) and Ranking Member Tom Coburn (R-Okla.), would update the Federal Information Security Management Act of 2002 to better protect federal agencies from cyber attacks. The bill would better delineate the roles and responsibilities assigned to agencies charged with securing the “.gov” domain, move agencies away from the current paperwork-heavy security review processes, and place greater management and oversight attention on data breaches at federal agencies. The bill is more than overdue: cyber attacks reported by federal agencies have increased by nearly 680 percent over the past six years, according to a recent study by the Government Accountability Office.

“Cybersecurity is one of our nation’s biggest challenges,” said Chairman Carper. “Recently, several federal agencies, from the Postal Service to the Office of Personnel Management to the State Department to the White House have been hit with serious cyber attacks.  It is more than clear that the federal government needs to address this 21st century threat with a 21st century response. This bill will modernize our outdated federal network security laws, provide the tools and authorities needed to improve security at our federal agencies, and increase transparency and accountability for data breaches at federal agencies. On top of that, it allows taxpayer dollars to be better spent on improving network security by reducing unnecessary and burdensome paper-based reporting. I commend my colleagues in the House of Representatives for voting to bring this critical bill across the finish line and to the President’s desk.”


“For too long, the federal government has struggled with poor cybersecurity practices, which puts the American people’s sensitive information at risk,” said Dr. Coburn. “This bipartisan reform bill is a small but significant step to address the problem.  It requires agencies to be accountable to Congress and the public for data breaches and other incidents to protect the public’s information.”


Today, the House of Representatives also passed the Border Patrol Agent Pay Reform Act of 2013, a bill that contains provisions from the DHS Cybersecurity Workforce Recruitment and Retention Act of 2014. The bill, which now heads to the President’s desk to be signed into law, helps address critical challenges that the Department of Homeland Security faces in hiring and retaining cybersecurity professionals by providing the Secretary of Homeland Security hiring and compensation authorities for cybersecurity experts like those of the Secretary of Defense.

Today, the Senate unanimously passed the National Cybersecurity Protection Act of 2014. The bill would codify the existing cybersecurity and communications operations center at the Department of Homeland Security, known as the National Cybersecurity and Communications Integration Center. The bill authorizes the Center’s current activities to share cybersecurity information and analysis with the private sector, provide incident response and technical assistance to companies and federal agencies, and recommend security measures to enhance cybersecurity.