3.0.0 3600 2023-05-11T15:46:24Z 2023-05-11T15:46:24Z Senate S 2022-02-08 117 Federal Information Security Modernization Act of 2022 117 6497 HR 2022-02-02 Ordered to be Reported (Amended) by Voice Vote. Related bill CRS Federal Secure Cloud Improvement and Jobs Act of 2021 117 3099 S 2022-05-24 Placed on Senate Legislative Calendar under General Orders. Calendar No. 383. Related bill CRS FedRAMP Authorization Act 117 8956 HR 2022-10-11 Received in the Senate and Read twice and referred to the Committee on Homeland Security and Governmental Affairs. Related bill CRS 2022-03-02 13:11:27 Held at the desk. Floor H15000 2 House floor actions 2022-03-02 13:08:01 Received in the House. Floor H14000 2 House floor actions 2022-03-02 Senate Message on Senate action sent to the House. Floor 2022-03-01 Senate Passed Senate with amendments by Unanimous Consent. (text: CR S897-919) Floor 2022-03-01 Passed/agreed to in Senate: Passed Senate with amendments by Unanimous Consent. Floor 17000 9 Library of Congress 2022-03-01 Senate Measure laid before Senate by unanimous consent. (consideration: CR S896-919) Floor 2022-02-09 Senate Read the second time. Placed on Senate Legislative Calendar under General Orders. Calendar No. 265. Calendars 2022-02-08 Senate Introduced in the Senate. Read the first time. Placed on Senate Legislative Calendar under Read the First Time. Calendars 2022-02-08 Introduced in Senate IntroReferral 10000 9 Library of Congress P000595 Sen. Peters, Gary C. [D-MI] Gary Peters D MI N P000449 Sen. Portman, Rob [R-OH] Rob Portman R OH 2022-02-08 True W000805 Sen. Warner, Mark R. [D-VA] Mark Warner D VA R. 2022-02-10 False C001035 Sen. Collins, Susan M. [R-ME] Susan Collins R ME M. 2022-02-10 False K000383 Sen. King, Angus S., Jr. [I-ME] Angus King I ME S. 2022-02-10 False B001135 Sen. Burr, Richard [R-NC] Richard Burr R NC Mauze 2022-02-10 False C001070 Sen. Casey, Robert P., Jr. [D-PA] Bob Casey D PA 2022-02-10 False B000575 Sen. Blunt, Roy [R-MO] Roy Blunt R MO 2022-02-10 False R000595 Sen. Rubio, Marco [R-FL] Marco Rubio R FL 2022-02-10 False R000608 Sen. Rosen, Jacky [D-NV] Jacklyn Rosen D NV 2022-02-10 False P000145 Sen. Padilla, Alex [D-CA] Alex Padilla D CA 2022-02-10 False R000584 Sen. Risch, James E. [R-ID] James Risch R ID E. 2022-02-10 False O000174 Sen. Ossoff, Jon [D-GA] Jon Ossoff D GA 2022-02-10 False C001056 Sen. Cornyn, John [R-TX] John Cornyn R TX 2022-02-17 False H000273 Sen. Hickenlooper, John W. [D-CO] John Hickenlooper D CO W. 2022-02-17 False B001267 Sen. Bennet, Michael F. [D-CO] Michael Bennet D CO 2022-02-28 False Government Operations and Politics Administrative law and regulatory procedures Advisory bodies Civil actions and liability Computer security and identity theft Computers and information technology Congressional oversight Criminal investigation, prosecution, interrogation Department of Homeland Security Employment and training programs Executive agency funding and structure Federal officials Government employee pay, benefits, personnel management Government information and archives Government studies and investigations Infrastructure development Performance measurement Public contracts and procurement Right of privacy Science, Technology, Communications Technology assessment Telephone and wireless communication Government Operations and Politics 00 2022-02-08 Introduced in Senate 2022-03-12T21:11:42Z Strengthening American Cybersecurity Act of 2022

This bill addresses cybersecurity threats against critical infrastructure and the federal government.

The Cybersecurity and Infrastructure Security Agency (CISA) must perform ongoing and continuous assessments of federal risk posture.

An agency, within a specified time frame, must (1) determine whether notice to any individual potentially affected by a breach is appropriate based on a risk assessment; and (2) as appropriate, provide written notice to each individual potentially affected.

Each agency must (1) provide information relating to a major incident to specified parties, and (2) develop specified training for individuals with access to federal information or information systems.

The bill requires reporting and other actions to address cybersecurity incidents.

Entities that own or operate critical infrastructure must report cyber incidents and ransom payments within specified time frames.

The bill limits the use and disclosure of reported information.

The bill establishes (1) an interagency council to standardize federal reporting of cybersecurity threats, (2) a task force on ransomware attacks, and (3) a pilot program to identify information systems vulnerable to such attacks.

The bill provides statutory authority for the Federal Risk and Authorization Management Program (FedRAMP) within the General Services Administration (GSA).

FedRAMP is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud computing products and services.

The bill establishes a FedRAMP Board to examine the operations of FedRAMP and the Federal Secure Cloud Advisory Committee.

]]> 55 2022-03-01 Passed Senate 2022-03-14T15:29:16Z Strengthening American Cybersecurity Act of 2022

This bill addresses cybersecurity threats against critical infrastructure and the federal government.

The Cybersecurity and Infrastructure Security Agency (CISA) must perform ongoing and continuous assessments of federal risk posture.

An agency, within a specified time frame, must (1) determine whether notice to any individual potentially affected by a breach is appropriate based on a risk assessment; and (2) as appropriate, provide written notice to each individual potentially affected.

Each agency must (1) provide information relating to a major incident to specified parties, and (2) develop specified training for individuals with access to federal information or information systems.

The bill requires reporting and other actions to address cybersecurity incidents.

Entities that own or operate critical infrastructure must report cyber incidents and ransom payments within specified time frames.

The bill limits the use and disclosure of reported information.

The bill establishes (1) an interagency council to standardize federal reporting of cybersecurity threats, (2) a task force on ransomware attacks, and (3) a pilot program to identify information systems vulnerable to such attacks.

The bill provides statutory authority for the Federal Risk and Authorization Management Program (FedRAMP) within the General Services Administration (GSA).

FedRAMP is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud computing products and services.

The bill establishes a FedRAMP Board to examine the operations of FedRAMP and the Federal Secure Cloud Advisory Committee.

]]> Strengthening American Cybersecurity Act of 2022 Display Title Strengthening American Cybersecurity Act of 2022 Short Titles as Passed Senate for portions of this bill Federal Secure Cloud Improvement and Jobs Act of 2022 S Senate Short Titles as Passed Senate for portions of this bill Cyber Incident Reporting for Critical Infrastructure Act of 2022 S Senate Short Titles as Passed Senate for portions of this bill Federal Information Security Modernization Act of 2022 S Senate Short Titles as Passed Senate Strengthening American Cybersecurity Act of 2022 S Senate Official Title as Introduced A bill to improve the cybersecurity of the Federal Government, and for other purposes. Short Title(s) as Passed Senate Strengthening American Cybersecurity Act of 2022 S Senate Engrossed in Senate ES Short Title(s) as Passed Senate for portions of this bill Cyber Incident Reporting for Critical Infrastructure Act of 2022 S Senate Engrossed in Senate ES Short Title(s) as Passed Senate for portions of this bill Federal Information Security Modernization Act of 2022 S Senate Engrossed in Senate ES Short Title(s) as Passed Senate for portions of this bill Federal Secure Cloud Improvement and Jobs Act of 2022 S Senate Engrossed in Senate ES Short Title(s) as Introduced for portions of this bill Federal Secure Cloud Improvement and Jobs Act of 2022 Short Title(s) as Introduced for portions of this bill Cyber Incident Reporting for Critical Infrastructure Act of 2022 Short Title(s) as Introduced for portions of this bill Federal Information Security Modernization Act of 2022 Short Title(s) as Introduced Strengthening American Cybersecurity Act of 2022 4954 117 SAMDT To improve the bill. 2022-03-02T05:16:23Z 2022-03-01 Amendment SA 4954 agreed to in Senate by Unanimous Consent. SA 4954 https://www.congress.gov/amendment/117th-congress/senate-amendment/4954 W000437 Sen. Wicker, Roger F. [R-MS] Roger Wicker R MS F. 2022-03-01T05:00:00Z 2022-03-01T05:00:00Z Senate 117 S Senate S 3600 Strengthening American Cybersecurity Act of 2022 2023-05-11T15:46:24Z 6 2022-03-01 0 Senate Amendment SA 4954 agreed to in Senate by Unanimous Consent. Floor 2022-03-01 0 Senate Amendment SA 4954 proposed by Senator Peters for Senator Wicker. (consideration: CR S897; text: CR S897) To improve the bill. Floor 2022-03-01 Senate amendment submitted Floor 91000 9 Library of Congress 2022-03-01 Senate amendment proposed (on the floor): Amendment SA 4954 proposed by Senator Peters for Senator Wicker. Floor 93000 9 Library of Congress 2022-03-01 Senate amendment agreed to: Amendment SA 4954 agreed to in Senate by Unanimous Consent. Floor 94000 9 Library of Congress 4953 117 SAMDT To amend the Federal Cybersecurity Enhancement Act of 2015 to require Federal agencies to obtain exemptions from certain cybersecurity requirements in order to avoid compliance with those requirements. 2022-03-02T05:16:23Z 2022-03-01 Amendment SA 4953 agreed to in Senate by Unanimous Consent. SA 4953 https://www.congress.gov/amendment/117th-congress/senate-amendment/4953 P000595 Sen. Peters, Gary C. [D-MI] Gary Peters D MI 1 1 P000449 Sen. Portman, Rob [R-OH] Rob Portman R OH 2022-03-01 True 2022-03-01T05:00:00Z 2022-03-01T05:00:00Z Senate 117 S Senate S 3600 Strengthening American Cybersecurity Act of 2022 2023-05-11T15:46:24Z 6 2022-03-01 0 Senate Amendment SA 4953 agreed to in Senate by Unanimous Consent. Floor 2022-03-01 0 Senate Amendment SA 4953 proposed by Senator Peters. (consideration: CR S897; text: CR S897) To amend the Federal Cybersecurity Enhancement Act of 2015 to require Federal agencies to obtain exemptions from certain cybersecurity requirements in order to avoid compliance with those requirements. Floor 2022-03-01 Senate amendment submitted Floor 91000 9 Library of Congress 2022-03-01 Senate amendment proposed (on the floor): Amendment SA 4953 proposed by Senator Peters. Floor 93000 9 Library of Congress 2022-03-01 Senate amendment agreed to: Amendment SA 4953 agreed to in Senate by Unanimous Consent. Floor 94000 9 Library of Congress Engrossed in Senate 2022-03-01T05:00:00Z https://www.govinfo.gov/content/pkg/BILLS-117s3600es/xml/BILLS-117s3600es.xml Placed on Calendar Senate 2022-02-09T05:00:00Z https://www.govinfo.gov/content/pkg/BILLS-117s3600pcs/xml/BILLS-117s3600pcs.xml 2022-03-02 Held at the desk. 13:11:27 text/xml EN Pursuant to Title 17 Section 105 of the United States Code, this file is not subject to copyright protection and is in the public domain. Congressional Research Service, Library of Congress This file contains bill summaries and statuses for federal legislation. A bill summary describes the most significant provisions of a piece of legislation and details the effects the legislative text may have on current law and federal programs. Bill summaries are authored by the Congressional Research Service (CRS) of the Library of Congress. As stated in Public Law 91-510 (2 USC 166 (d)(6)), one of the duties of CRS is "to prepare summaries and digests of bills and resolutions of a public general nature introduced in the Senate or House of Representatives". For more information, refer to the User Guide that accompanies this file.