“The House Oversight and Reform Committee released a ‘discussion draft’ of its FISMA reform bill today. Chairwoman Carolyn Maloney (D-N.Y.) said it holds a lot of similarities with a bill that passed the Senate Homeland Security and Governmental Affairs Committee last fall.
‘We have a real opportunity to pass FISMA reform this year, and to protect the intellectual property, sensitive data and networks that are essential to our country’s economy and national security,’ Maloney said during a hearing held today to discuss the bill…”
“The draft bill seeks to reduce FISMA reporting requirements on agencies, notably by shifting independent assessments for each civilian executive branch agency to once every two years. FISMA assessments are currently conducted annually by agency inspector generals or external auditors.
The bill would have CISA perform risk assessments of agencies ‘on an ongoing and continuous basis,’ using information such as vulnerability remediation efforts, incident analysis, vulnerability disclosure programs, threat hunting results, cyber threat intelligence, and other standards. Agencies would be required to inventory their internet-accessible information systems and assets…”
Source: Lawmakers see ‘real opportunity’ to modernize federal cyber playbook – By Justin Doubleday, January 11, 2022. Federal News Network.