Federal Information Security Modernization Act of 2014

Long title: An Act to amend chapter 35 of title 44, United States Code, to provide for reform to Federal information security.
Acronyms (colloquial): FISMA2014
Nicknames: FISMA Reform
Enacted by: the 113th United States Congress
Effective: December 18, 2014
Citations
Public law: 113-283
Statutes at Large: 128 Stat. 3073
Codification
Acts amended: Federal Information Security Management Act of 2002
Titles amended: 44 U.S.C.: Public Printing and Documents
U.S.C. sections created: 44 U.S.C. ch. 35, subch. II § 3551 et seq.

The Federal Information Security Modernization Act of 2014 (Pub.L. 113-283, S. 2521; commonly referred to as FISMA Reform) was signed into federal law by President Barack Obama on December 18, 2014. [1] Passed in response to the increasing number of cyber attacks on the federal government, it amended existing laws to enable the federal government to better respond to cyber attacks on departments and agencies. [2] [3]

An earlier version of the legislation was proposed by House Oversight and Government Reform Chairman Darrell Issa and co-sponsored by the Committee's Ranking Member Elijah Cummings as H.R.1163, the Federal Information Security Amendments Act of 2013. [4] The bill was passed by the U.S. House of Representatives on a vote of 416–0. [5]

The final version of the legislation was introduced to the United States Senate Committee on Homeland Security and Governmental Affairs by Thomas Carper (D-DE) on June 24, 2014, and passed on December 8, 2014, in the Senate and on December 10, 2014, in the House.

Related Research Articles

Foreign Intelligence Surveillance Act 1978 United States federal law

The Foreign Intelligence Surveillance Act of 1978 is a United States federal law that establishes procedures for the physical and electronic surveillance and the collection of "foreign intelligence information" between "foreign powers" and "agents of foreign powers" suspected of espionage or terrorism. The Act created the Foreign Intelligence Surveillance Court (FISC) to oversee requests for surveillance warrants by federal law enforcement and intelligence agencies. It has been repeatedly amended since the September 11 attacks.

Homeland Security Act of 2002 Post-9/11 United States law establishing the Department of Homeland Security

The Homeland Security Act (HSA) of 2002 was introduced in the aftermath of the September 11 attacks and subsequent mailings of anthrax spores. The HSA was cosponsored by 118 members of Congress. The act passed the U.S. Senate by a vote of 90–9, with one Senator not voting. It was signed into law by President George W. Bush in November 2002.

Federal Information Security Management Act of 2002 United States Law

The Federal Information Security Management Act of 2002 is a United States federal law enacted in 2002 as Title III of the E-Government Act of 2002. The act recognized the importance of information security to the economic and national security interests of the United States. The act requires each federal agency to develop, document, and implement an agency-wide program to provide information security for the information and information systems that support the operations and assets of the agency, including those provided or managed by another agency, contractor, or other source.

A cybersecurity regulation comprises directives that safeguard information technology and computer systems with the purpose of forcing companies and organizations to protect their systems and information from cyberattacks like viruses, worms, Trojan horses, phishing, denial-of-service (DoS) attacks, unauthorized access and control system attacks. There are numerous measures available to prevent cyberattacks.

Federal Funding Accountability and Transparency Act of 2006

The Federal Funding Accountability and Transparency Act of 2006 is an Act of Congress that requires the full disclosure to the public of all entities or organizations receiving federal funds beginning in fiscal year (FY) 2007. The website USAspending.gov opened in December 2007 as a result of the act, and is maintained by the Office of Management and Budget. The Congressional Budget Office estimates S. 2590 will cost $15 million over its authorized time period of 2007–2011.

Dodd–Frank Wall Street Reform and Consumer Protection Act Regulatory act implemented by the Obama Administration after the 2008 financial crisis.

The Dodd–Frank Wall Street Reform and Consumer Protection Act is a United States federal law that was enacted on July 21, 2010. The law overhauled financial regulation in the aftermath of the Great Recession, and it made changes affecting all federal financial regulatory agencies and almost every part of the nation's financial services industry.

Health Care and Education Reconciliation Act of 2010 United States law

The Health Care and Education Reconciliation Act of 2010 is a law that was enacted by the 111th United States Congress, by means of the reconciliation process, in order to amend the Affordable Care Act (ACA). The law includes the Student Aid and Fiscal Responsibility Act, which was attached as a rider.

Wall Street reforms are reforms or regulations of the financial industry in the United States.

Risk Management Framework

The Risk Management Framework (RMF) is a United States federal government guideline, standard and process for risk management to help secure information systems, developed by the National Institute of Standards and Technology. The RMF provides a disciplined and structured process that integrates information security, privacy and risk management activities into the system development life cycle.

Cyber Intelligence Sharing and Protection Act Unpassed United States bill

The Cyber Intelligence Sharing and Protection Act was a proposed law in the United States which would allow for the sharing of Internet traffic information between the U.S. government and technology and manufacturing companies. The stated aim of the bill is to help the U.S. government investigate cyber threats and ensure the security of networks against cyberattacks.

The National Defense Authorization Act (NDAA) for Fiscal Year 2013 is a United States federal law which specifies the budget and expenditures of the United States Department of Defense for fiscal year 2013. The full title is An Act to Authorize Appropriations for fiscal year 2013 for military activities of the Department of Defense, for military construction, and for defense activities of the Department of Energy, to prescribe military personnel strengths for such fiscal year, and for other purposes. This law has been assigned the number PL 112–239.

National Cybersecurity and Critical Infrastructure Protection Act of 2013

The National Cybersecurity and Critical Infrastructure Protection Act of 2013 is a bill that would amend the Homeland Security Act of 2002 to require the Secretary of the Department of Homeland Security (DHS) to conduct cybersecurity activities on behalf of the federal government and would codify the role of DHS in preventing and responding to cybersecurity incidents involving the Information Technology (IT) systems of federal civilian agencies and critical infrastructure in the United States.

USA Freedom Act U.S. law

The USA Freedom Act is a U.S. law enacted on June 2, 2015, that restored and modified several provisions of the Patriot Act, which had expired the day before. The act imposes some new limits on the bulk collection of telecommunication metadata on U.S. citizens by American intelligence agencies, including the National Security Agency. It also restores authorization for roving wiretaps and tracking lone wolf terrorists. The title of the act is a ten-letter backronym that stands for Uniting and Strengthening America by Fulfilling Rights and Ensuring Effective Discipline Over Monitoring Act of 2015.

Digital Accountability and Transparency Act of 2014

The Digital Accountability and Transparency Act of 2014 is a law that aims to make information on federal expenditures more easily accessible and transparent. The law requires the U.S. Department of the Treasury to establish common standards for financial data provided by all government agencies and to expand the amount of data that agencies must provide to the government website, USASpending. The goal of the law is to improve the ability of Americans to track and understand how the government is spending their tax dollars.

Cybersecurity Information Sharing Act

The Cybersecurity Information Sharing Act is a United States federal law designed to "improve cybersecurity in the United States through enhanced sharing of information about cybersecurity threats, and for other purposes". The law allows the sharing of Internet traffic information between the U.S. government and technology and manufacturing companies. The bill was introduced in the U.S. Senate on July 10, 2014, and passed in the Senate October 27, 2015. Opponents question CISA's value, believing it will move responsibility from private businesses to the government, thereby increasing vulnerability of personal private information, as well as dispersing personal private information across seven government agencies, including the NSA and local police.

Presidential and Federal Records Act Amendments of 2014

The Presidential and Federal Records Act Amendments of 2014 is a United States federal statute which amended the Presidential Records Act and Federal Records Act. Introduced as H.R. 1233, it was signed into law by President Barack Obama on November 26, 2014.

The Email Privacy Act is a bill introduced in the United States Congress. The bipartisan proposed federal law was sponsored by Representative Kevin Yoder, a Republican from Kansas, and then-Representative Jared Polis, a Democrat of Colorado. The law is designed to update and reform existing online communications law, specifically the Electronic Communications Privacy Act (ECPA) of 1986.

Protecting Cyber Networks Act

The Protecting Cyber Networks Act is a bill introduced in the 114th Congress by Rep. Devin Nunes (R-CA), chairman of the House Permanent Select Committee on Intelligence. The legislation would allow companies and the government to share information concerning cyber threats. To overcome privacy concerns, the bill expressly forbids companies from sharing information with the National Security Agency (NSA) or Department of Defense (DOD).

Frank R. Lautenberg Chemical Safety for the 21st Century Act

The Frank R. Lautenberg Chemical Safety for the 21st Century Act is a law passed by the 114th United States Congress and signed into law by US President Barack Obama in 2016. Administered by the United States Environmental Protection Agency, which regulates the introduction of new or already existing chemicals, the Act amends and updates the Toxic Substances Control Act (TSCA) that went into force in 1976.

The Extreme Risk Protection Order Act is federal gun control legislation to support State, Tribal, and local efforts under "red flag laws" to remove access to firearms from individuals who are considered a danger to themselves or others. Sen. Richard Blumenthal introduced such legislation in March 2018, in the 115th U.S. Congress; and Dianne Feinstein introduced such legislation in February 2019, in the 116th U.S. Congress. The House version of her legislation was introduced by Rep. Salud Carbajal and re-introduced on 14 February 2019, one year after the Stoneman Douglas High School shooting.

References

  1. "S.2521 - Federal Information Security Modernization Act of 2014". congress.gov. Library of Congress. Retrieved 9 March 2017.
  2. Moore, Jack. "FROM FITARA TO FISMA REFORM: 5 KEY TECH BILLS PASSED BY CONGRESS IN 2014". NextGov. Retrieved 9 March 2017.
  3. Bennett, Cory. "Federal data security bill heads to Obama's desk". The Hill. Retrieved 9 March 2017.
  4. "H.R.1163 - Federal Information Security Amendment Act of 2013". congress.gov. Library of Congress. Retrieved 27 November 2018.
  5. Kominsky, Mitchell (February 6, 2014). "FISMA Legislative Origin". Harvard Law National Security Journal.