Bill > S2902

This bill: Modernizes federal information security management by updating the Federal Information Security Modernization Act (FISMA) to strengthen cybersecurity across the federal government. Key provisions include: requiring ongoing, continuous agency system risk assessments; establishing a risk-based budget model for cybersecurity spending; codifying vulnerability disclosure programs; implementing security principles like presumption of compromise and least privilege; and enhancing federal incident response coordination and reporting. The bill also establishes new pilot programs like a federal security operations center shared service and an active cyber defense study. Overall, the bill aims to improve federal cybersecurity by increasing visibility, risk management, and operational capabilities.

Military Affairs and Security

https://www.congress.gov/bill/117th-congress/senate-bill/2902/all-info