Federal Laws Relating to Cybersecurity: Overview and Discussion of Proposed Revisions

For more than a decade, various experts have expressed increasing concerns about cybersecurity, in light of the growing frequency, impact, and sophistication of attacks on information systems in the United States and abroad. Consensus has also been building that the current legislative framework for cybersecurity might need to be revised.

The complex federal role in cybersecurity involves both securing federal systems and assisting in protecting nonfederal systems. Under current law, all federal agencies have cybersecurity responsibilities relating to their own systems, and many have sector-specific responsibilities for critical infrastructure.

More than 50 statutes address various aspects of cybersecurity either directly or indirectly, but there is no overarching framework legislation in place. While revisions to most of those laws have been proposed over the past few years, no major cybersecurity legislation has been enacted since 2002.

Recent legislative proposals, including many bills introduced in recent Congresses, have focused largely on issues in 10 broad areas (see "Selected Issues Addressed in Proposed Legislation" for an overview of how current legislative proposals would address issues in several of those areas):

  • national strategy and the role of government,
  • reform of the Federal Information Security Management Act (FISMA),
  • protection of critical infrastructure (including the electricity grid and the chemical industry),
  • information sharing and cross-sector coordination,
  • breaches resulting in theft or exposure of personal data such as financial information,
  • cybercrime,
  • privacy in the context of electronic commerce,
  • international efforts,
  • research and development, and
  • the cybersecurity workforce.

Source: Federation of American Scientists


The Colloquium recognizes that the protection of information and infrastructures that are used to create, store, process, and communicate information is vital to business continuity and security. The Colloquium's goal is to work together to define current and emerging requirements for information assurance education and to influence and encourage the development and expansion of information assurance curricula, especially at the graduate and undergraduate levels.

