Risk-Informed Spending for Cybersecurity Act
This bill requires the Office of Management and Budget, in coordination with the Cybersecurity and Infrastructure Security Agency, to develop a standard model for creating a risk-based budget for cybersecurity spending.
The risk-based budget must (1) be developed by identifying and prioritizing cybersecurity risks and vulnerabilities through analysis of threat intelligence, incident data, and tactics, techniques, procedures, and capabilities of cyber threats; and (2) allocate resources based on the risks identified and prioritized.
Within two years of the development of the model, federal agencies must begin using the model to develop annual cybersecurity and information technology budget requests.
Introduced in Senate
Read twice and referred to the Committee on Homeland Security and Governmental Affairs.
Llama 3.2 · runs locally in your browser
Ask anything about this bill. The AI reads the full text to answer.
Enter to send · Shift+Enter for new line