Federal Agencies To Secure Information Systems And Assess Adequacy Of Cyber-Related Workforce

King & Spalding
Contact
LinkedIn
Facebook
X
Send
Embed

Two provisions of the Cybersecurity Act of 2015—the Federal Cybersecurity Enhancement Act and the Federal Cybersecurity Workforce Assessment Act―task the Department of Homeland Security (“DHS”) and the Office of Management and Budget (“OMB”) with new cybersecurity responsibilities.

The Federal Cybersecurity Enhancement Act of 2015 (“Enhancement Act”), located at Title II, Subsection B of the Cybersecurity Act, requires federal agencies to secure government information systems.  Specifically, the Enhancement Act directs DHS to implement an “intrusion assessment plan” to routinely detect, identify, and remove intruders in agency information systems.  DHS must also develop a plan to ensure that agencies utilize advanced networking security tools to bolster internal defenses.  Moreover, the Enhancement Act requires DHS, in consultation with OMB, to issue binding operational directives mandating that federal agencies evaluate access to sensitive agency data, as well as encrypt or otherwise render indecipherable that data to unauthorized users.  The Department of Defense, certain national security systems, and elements of the intelligence community are exempt from the Enhancement Act.

The Federal Cybersecurity Workforce Assessment Act of 2015 (“Assessment Act”) also affects federal agencies’ cyber requirements.  The Assessment Act is located at Title III of the larger Cybersecurity Act and provides a mechanism to appraise the cyber-readiness of the federal workforce.  In particular, each federal agency head must identify all positions within its respective agency, both civilian and non-civilian, that require the performance of cybersecurity or other cyber-related functions.  The agency heads must then report the percentage of personnel who hold appropriate industry-recognized certifications and identify a strategy for mitigating any identified gaps in employees’ credentialing.  After this baseline assessment, the Assessment Act calls for OMB and DHS to produce a report identifying and substantiating particular cyber-related work roles in critical need of additional personnel.

Reporter, Bailey J. Langner, San Francisco, +1 415 318 1214, blangner@kslaw.com.

Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© King & Spalding | Attorney Advertising

Written by:

King & Spalding
King & Spalding
Contact
more
less

King & Spalding on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide