Among the provisions of the Federal Information Security Amendments Act, approved by a voice vote, is a requirement that agencies implement continuous monitoring of their IT systems to identify vulnerabilities before a cyber incident occurs.
Though not perfect, says House Cybersecurity Co-Chair Jim Langevin, D-R.I., "CISPA represents an important good-faith effort to come together as a necessary first step toward better cybersecurity for our nation."
Weeks, months or even years often go by before organizations discover they've been hacked, not learning of the attack until law-enforcement authorities inform them, says recently retired FBI Executive Assistant Director Shawn Henry.
The Congressional Budget Office estimates that, when fully implemented, the new activities specified in legislation before Congress would add about 2 percent - roughly $200 million a year - to the annual cost of implementing FISMA.
Partisan bickering surrounding a bill aimed at protecting the nation's critical IT infrastructure is the likely reason the measure will not come up for a vote in the lower chamber this week, as representatives debate four other cybersecurity bills.