Lawmakers Introduce Bill to Limit Federal Agency Cybersecurity Waivers

U.S. Senator Ron Wyden, D-Ore., and U.S. Representative Lauren Underwood, D-Ill., introduced a bill to strengthen oversight of the cybersecurity of federal agencies.

In 2015, Congress required federal civilian agencies to implement cybersecurity best practices, like data encryption and two-factor authentication. The agencies, however, have the ability to issue themselves blanket, indefinite waivers for these cybersecurity measures.

“Lax cybersecurity at federal agencies needlessly exposes Americans to privacy and security threats, while putting our national security at risk. The Federal Cybersecurity Oversight Act would prevent civilian agencies from punting cybersecurity down the road indefinitely, leaving Americans’ data open for attack from hackers and foreign spies,” Wyden said.

“To secure our nation’s infrastructure, we must prioritize that federal agencies are adhering to the best cybersecurity practices. The Federal Cybersecurity Oversight Act will strengthen federal cybersecurity standards and facilitate congressional oversight to protect federal websites, confidential data, and other critical systems from attacks. I’m pleased to join Senator Wyden to introduce this timely legislation,” said Congresswoman Underwood, Chairwoman of the Committee on Homeland Security’s Subcommittee on Cybersecurity, Infrastructure Protection, and Innovation.

The Federal Cybersecurity Oversight Act would increase oversight of these waivers, limiting the waivers to one year at a time and placing the Director of the Office of Management and Budget (OMB) in charge of issuing all waivers.

In order to request a waiver, the agency head must certify to OMB that:

  • It would be excessively burdensome to implement the particular requirement;
  • The particular requirement is not necessary to secure the agency system and data; and
  • The agency has taken all necessary steps to secure the agency system and data.

A copy of the bill text is available here.

Read more at Sen. Wyden’s office

(Visited 63 times, 1 visits today)

The Government Technology & Services Coalition's Homeland Security Today (HSToday) is the premier news and information resource for the homeland security community, dedicated to elevating the discussions and insights that can support a safe and secure nation. A non-profit magazine and media platform, HSToday provides readers with the whole story, placing facts and comments in context to inform debate and drive realistic solutions to some of the nation’s most vexing security challenges.

Leave a Reply

Latest from Cybersecurity

Go to Top
X
X