HR 4921 ENR: STB Information Security Improvement Act
U.S. House of Representatives
text/xml
EN
Pursuant to Title 17 Section 105 of the United States Code, this file is not subject to copyright protection and is in the public domain.
1.This Act may be cited as the STB Information Security Improvement Act
. 2. (a)The Surface Transportation Board (in this section referred to as the STB
) shall develop a timeline and plan to implement the recommendations of the Inspector General of the Department of Transportation in Report No. FI2018002, including improvements—
(1)to identify controls, including risk management, weakness remediation, and security authorization; (2)to protect controls, including configuration management, user identity and access management, and security training;
(3)to detect controls, including continuous monitoring; (4)to respond controls, including incident handling and reporting;
(5)to recover controls for contingency planning; and (6)any additional tools that will improve the implementation of the recommendations.
(b)
(1)Not later than 180 days after the date of enactment of this Act, the STB shall submit the plan and timeline developed under subsection (a) to the Committee on Transportation and Infrastructure of the House of Representatives and the Committee on Commerce of the Senate. (2)The STB shall report annually to such Committees on the progress on implementation of the recommendations until the implementation is complete.
(3)The STB shall designate an individual to implement the plan developed under subsection (a). 3.No additional funds authorizedNo additional funds are authorized to carry out the requirements of this Act. Such requirements shall be carried out using amounts otherwise authorized.
Speaker of the House of Representatives.Vice President of the United States and President of the Senate.