To amend chapter 35 of title 44, United States Code, to create the National Office for Cyberspace, to revise requirements relating to Federal information security, and for other purposes.
Federal Information Security Amendments Act of 2010 - Revises provisions of federal law concerning government information security. Establishes: (1) in the Executive Office of the President the National Office for Cyberspace to serve as the principle office for coordinating an assured, reliable, secure, and survivable information infrastructure and related capabilities; and (2) within such Office the Federal Cybersecurity Practice Board, which shall be responsible for developing and periodically updating information security policies and procedures.
Requires the Director of such Office to: (1) develop and oversee the implementation of policies, standards, and guidelines on information security; and (2) require agencies to identify and provide protections commensurate with the risk and magnitude of harm resulting from unauthorized access, use, disclosure, disruption, modification, or destruction of information collected by or maintained for an agency or of information systems used by or operated for an agency. Makes the head of each agency responsible for providing appropriate information security protections.
Requires: (1) each agency to have an annual independent information security effectiveness evaluation; and (2) the Director of the Office of Management and Budget (OMB), on the basis of proposed standards developed by the National Institute of Standards and Technology (NIST), to promulgate information security standards pertaining to federal information systems. Allows an agency to employ more stringent standards.
Requires the Director of the National Office for Cyberspace to: (1) ensure the operation of a central federal information security incident center; and (2) oversee the development and implementation of policies, standards, and guidance to cost effectively enhance agency information security.
Prohibits an agency from entering into a contract or interagency agreement for information technology without including requirements to provide effective information security. Provides for vulnerability assessments of major systems.
Read twice and referred to the Committee on Homeland Security and Governmental Affairs. (text of measure as introduced: CR S4824-4828)
Introduced in House
Introduced in House
Referred to the House Committee on Oversight and Government Reform.
Referred to the Subcommittee on Government Management, Organization, and Procurement.
Committee Consideration and Mark-up Session Held.
Ordered to be Reported (Amended) by Voice Vote.
Subcommittee Consideration and Mark-up Session Held.
Forwarded by Subcommittee to Full Committee (Amended) by Voice Vote .
Committee Consideration and Mark-up Session Held.
Ordered to be Reported (Amended) by Voice Vote.
checking server…
Ask anything about this bill. The AI reads the full text to answer.
Enter to send · Shift+Enter for new line