{ "id": "R42114", "type": "CRS Report", "typeId": "REPORTS", "number": "R42114", "active": true, "source": "EveryCRSReport.com, University of North Texas Libraries Government Documents Department", "versions": [ { "source": "EveryCRSReport.com", "id": 436423, "date": "2014-12-12", "retrieved": "2016-04-06T19:49:54.942253", "title": "Federal Laws Relating to Cybersecurity: Overview of Major Issues, Current Laws, and Proposed Legislation", "summary": "For more than a decade, various experts have expressed increasing concerns about cybersecurity, in light of the growing frequency, impact, and sophistication of attacks on information systems in the United States and abroad. Consensus has also been building that the current legislative framework for cybersecurity might need to be revised.\nThe complex federal role in cybersecurity involves both securing federal systems and assisting in protecting nonfederal systems. Under current law, all federal agencies have cybersecurity responsibilities relating to their own systems, and many have sector-specific responsibilities for critical infrastructure (CI).\nMore than 50 statutes address various aspects of cybersecurity either directly or indirectly, but there is no overarching framework legislation in place. Revisions to many of those laws have been proposed over the past several years. Recent legislative proposals, including many bills introduced in recent Congresses, have focused largely on issues in several broad areas, including the following:\n\u201cProtection of Privately Held Critical Infrastructure (CI)\u201d\n\u201cSharing of Cybersecurity Information Among Private and Government Entities,\u201d\n\u201cDepartment of Homeland Security Authorities for Protection of Federal Systems,\u201d\n\u201cReform of the Federal Information Security Management Act (FISMA),\u201d\n\u201cCybersecurity Workforce,\u201d and\n\u201cResearch and Development.\u201d\n\u201cOther Topics\u201d\u2014including cybercrime law, data breach notification, and defense-related cybersecurity\u2014have also been addressed in legislative proposals. \nAt least some of the bills addressing those areas have proposed explicit changes to current laws. However, no bills making such revisions were enacted until the end of the 113th Congress.\nIn the 112th and 113th Congresses, several bills that specifically focused on cybersecurity received committee or floor action. Comprehensive legislative proposals in the 112th Congress included the Cybersecurity Act of 2012 (S. 3414), recommendations from a House Republican task force, and a proposal by the Obama Administration. S. 3414 was debated in the Senate but failed two cloture votes. In the absence of enactment of cybersecurity legislation in that Congress, the White House issued Executive Order 13636, with provisions on protection of CI, including information sharing and standards development.\nIn the 113th Congress, several narrower House bills addressed some of the issues raised and recommendations made by the House task force. Four had passed the House in the 112th Congress but were not considered by the Senate. They were reintroduced and passed the House again, with some amendments:\nThe Cyber Intelligence Sharing and Protection Act (H.R. 624) focuses on information sharing and coordination.\nThe Cybersecurity Enhancement Act of 2013 (H.R. 756) and the Advancing America\u2019s Networking and Information Technology Research and Development Act of 2013 (H.R. 967) address federal cybersecurity R&D and technical standards.\nThe Federal Information Security Amendments Act of 2013 (H.R. 1163) addresses FISMA reform.\nAlso passing the House were three bills that address the role of the Department of Homeland Security (DHS) in cybersecurity: The CIRDA Act of 2013 (H.R. 2952), the Homeland Security Cybersecurity Boots-on-the-Ground Act (H.R. 3107), and the National Cybersecurity and Critical Infrastructure Protection Act of 2013 (H.R. 3696). They include provisions on workforce, R&D, information sharing, and public/private sector collaboration in protecting CI. \nThree Senate cybersecurity bills passed in the 113th Congress:\nThe DHS Cybersecurity Workforce Recruitment and Retention Act of 2014 (S. 2354), bill addressing workforce issues, passed the Senate as an amendment to S. 1691.\nThe National Cybersecurity Protection Act of 2014 (S. 2519) provides authorization for a DHS information-sharing center. \nThe Federal Information Security Modernization Act of 2014 (S. 2521), addresses FISMA reform.\nFour of the bills, as amended, were enacted at the end of the 113th Congress: H.R. 2952, S. 1691, S. 2519, and S. 2521. The bills address FISMA reform and DHS workforce issues and information-sharing activities.", "type": "CRS Report", "typeId": "REPORTS", "active": true, "formats": [ { "format": "HTML", "encoding": "utf-8", "url": "http://www.crs.gov/Reports/R42114", "sha1": "1bb3cd7691416f7dd5fd8c3d2ff476adeb9ba68e", "filename": "files/20141212_R42114_1bb3cd7691416f7dd5fd8c3d2ff476adeb9ba68e.html", "images": null }, { "format": "PDF", "encoding": null, "url": "http://www.crs.gov/Reports/pdf/R42114", "sha1": "b8ffa2a11245b44560d7d8419c350058496021a6", "filename": "files/20141212_R42114_b8ffa2a11245b44560d7d8419c350058496021a6.pdf", "images": null } ], "topics": [ { "source": "IBCList", "id": 4300, "name": "Cybersecurity" } ] }, { "source": "University of North Texas Libraries Government Documents Department", "sourceLink": "https://digital.library.unt.edu/ark:/67531/metadc227741/", "id": "R42114_2013Jun20", "date": "2013-06-20", "retrieved": "2013-11-05T18:07:05", "title": "Federal Laws Relating to Cybersecurity: Overview and Discussion of Proposed Revisions", "summary": "Report that is concerned with the current legislative framework for cybersecurity as well as proposals to amend more than 30 related acts of Congress.", "type": "CRS Report", "typeId": "REPORT", "active": false, "formats": [ { "format": "PDF", "filename": "files/20130620_R42114_7ea19a7860f71b020e8b40fe28b831956f41bb5b.pdf" }, { "format": "HTML", "filename": "files/20130620_R42114_7ea19a7860f71b020e8b40fe28b831956f41bb5b.html" } ], "topics": [ { "source": "LIV", "id": "Defense policy", "name": "Defense policy" }, { "source": "LIV", "id": "Cyberspace", "name": "Cyberspace" }, { "source": "LIV", "id": "Technology", "name": "Technology" }, { "source": "LIV", "id": "Internet", "name": "Internet" } ] }, { "source": "University of North Texas Libraries Government Documents Department", "sourceLink": "https://digital.library.unt.edu/ark:/67531/metadc811407/", "id": "R42114_2013Feb05", "date": "2013-02-05", "retrieved": "2016-03-19T13:57:26", "title": "Federal Laws Relating to Cybersecurity: Overview and Discussion of Proposed Revisions", "summary": null, "type": "CRS Report", "typeId": "REPORT", "active": false, "formats": [ { "format": "PDF", "filename": "files/20130205_R42114_c2229ea6c4107264198900cd17d1778c18efea3d.pdf" }, { "format": "HTML", "filename": "files/20130205_R42114_c2229ea6c4107264198900cd17d1778c18efea3d.html" } ], "topics": [] }, { "source": "University of North Texas Libraries Government Documents Department", "sourceLink": "https://digital.library.unt.edu/ark:/67531/metadc811447/", "id": "R42114_2012Nov09", "date": "2012-11-09", "retrieved": "2016-03-19T13:57:26", "title": "Federal Laws Relating to Cybersecurity: Discussion of Proposed Revisions", "summary": null, "type": "CRS Report", "typeId": "REPORT", "active": false, "formats": [ { "format": "PDF", "filename": "files/20121109_R42114_decd84615d4381ccfdbee8e791e3cc82549fe9cc.pdf" }, { "format": "HTML", "filename": "files/20121109_R42114_decd84615d4381ccfdbee8e791e3cc82549fe9cc.html" } ], "topics": [] }, { "source": "University of North Texas Libraries Government Documents Department", "sourceLink": "https://digital.library.unt.edu/ark:/67531/metadc819499/", "id": "R42114_2012Jul25", "date": "2012-07-25", "retrieved": "2016-03-19T13:57:26", "title": "Federal Laws Relating to Cybersecurity: Discussion of Proposed Revisions", "summary": null, "type": "CRS Report", "typeId": "REPORT", "active": false, "formats": [ { "format": "PDF", "filename": "files/20120725_R42114_7f6b881484916c9b2575fbbdffba732fbb6b07e8.pdf" }, { "format": "HTML", "filename": "files/20120725_R42114_7f6b881484916c9b2575fbbdffba732fbb6b07e8.html" } ], "topics": [] }, { "source": "University of North Texas Libraries Government Documents Department", "sourceLink": "https://digital.library.unt.edu/ark:/67531/metadc93913/", "id": "R42114_2012Jun29", "date": "2012-06-29", "retrieved": "2012-07-24T12:39:36", "title": "Federal Laws Relating to Cybersecurity: Discussion of Proposed Revisions", "summary": "This report discusses how the current legislative framework for cybersecurity might need to be revised.", "type": "CRS Report", "typeId": "REPORT", "active": false, "formats": [ { "format": "PDF", "filename": "files/20120629_R42114_82de9c3dedf74c016350919f336e4ee617b3110f.pdf" }, { "format": "HTML", "filename": "files/20120629_R42114_82de9c3dedf74c016350919f336e4ee617b3110f.html" } ], "topics": [ { "source": "LIV", "id": "Cyberspace", "name": "Cyberspace" }, { "source": "LIV", "id": "Computer crimes", "name": "Computer crimes" }, { "source": "LIV", "id": "Computer security measures", "name": "Computer security measures" } ] }, { "source": "University of North Texas Libraries Government Documents Department", "sourceLink": "https://digital.library.unt.edu/ark:/67531/metadc819006/", "id": "R42114_2012May10", "date": "2012-05-10", "retrieved": "2016-03-19T13:57:26", "title": "Federal Laws Relating to Cybersecurity: Discussion of Proposed Revisions", "summary": null, "type": "CRS Report", "typeId": "REPORT", "active": false, "formats": [ { "format": "PDF", "filename": "files/20120510_R42114_e9bcdae253c560064fbdd0b8c2d018e02b53ad0d.pdf" }, { "format": "HTML", "filename": "files/20120510_R42114_e9bcdae253c560064fbdd0b8c2d018e02b53ad0d.html" } ], "topics": [] }, { "source": "University of North Texas Libraries Government Documents Department", "sourceLink": "https://digital.library.unt.edu/ark:/67531/metadc85396/", "id": "R42114_2012Apr23", "date": "2012-04-23", "retrieved": "2012-06-06T14:34:05", "title": "Federal Laws Relating to Cybersecurity: Discussion of Proposed Revisions", "summary": "For more than a decade, various experts have expressed concerns about information-system security-often referred to as cybersecurity-in the United States and abroad. This report discusses that framework and proposals to amend more than 30 acts of Congress that are part of or relevant to it.", "type": "CRS Report", "typeId": "REPORT", "active": false, "formats": [ { "format": "PDF", "filename": "files/20120423_R42114_42fe231fde7e60f8c23d0ebdcb8164a52b910567.pdf" }, { "format": "HTML", "filename": "files/20120423_R42114_42fe231fde7e60f8c23d0ebdcb8164a52b910567.html" } ], "topics": [ { "source": "LIV", "id": "Cyberspace", "name": "Cyberspace" }, { "source": "LIV", "id": "Computer crimes", "name": "Computer crimes" }, { "source": "LIV", "id": "Computer security measures", "name": "Computer security measures" } ] }, { "source": "University of North Texas Libraries Government Documents Department", "sourceLink": "https://digital.library.unt.edu/ark:/67531/metadc84009/", "id": "R42114_2011Dec07", "date": "2011-12-07", "retrieved": "2012-04-27T15:49:45", "title": "Federal Laws Relating to Cybersecurity: Discussion of Proposed Revisions", "summary": "For more than a decade, various experts have expressed concerns about information-system security-often referred to as cybersecurity-in the United States and abroad. This report discusses that framework and proposals to amend more than 30 acts of Congress that are part of or relevant to it.", "type": "CRS Report", "typeId": "REPORT", "active": false, "formats": [ { "format": "PDF", "filename": "files/20111207_R42114_b155547ba9608cc2f5f6fa427ca33ba997a2651b.pdf" }, { "format": "HTML", "filename": "files/20111207_R42114_b155547ba9608cc2f5f6fa427ca33ba997a2651b.html" } ], "topics": [ { "source": "LIV", "id": "Cyberspace", "name": "Cyberspace" }, { "source": "LIV", "id": "Computer crimes", "name": "Computer crimes" }, { "source": "LIV", "id": "Computer security measures", "name": "Computer security measures" } ] } ], "topics": [ "American Law", "Economic Policy", "Energy Policy", "Foreign Affairs", "Industry and Trade", "Intelligence and National Security", "Internet and Telecommunications Policy", "National Defense", "Science and Technology Policy" ] }