There is 1 version of this bill. View text

Click the check-box to add or remove the section, click the text link to scroll to that section.
Titles Actions Overview All Actions Cosponsors Committees Related Bills Subjects Latest Summary All Summaries

Titles (2)

Short Titles

Short Titles - Senate

Short Titles as Introduced

Federal Information Security Management Reform Act of 2015

Official Titles

Official Titles - Senate

Official Titles as Introduced

A bill to strengthen the ability of the Secretary of Homeland Security to detect and prevent intrusions against, and to use countermeasures to protect, Government agency information systems, and for other purposes.


Actions Overview (1)

Date Actions Overview
07/22/2015Introduced in Senate

All Actions (1)

Date All Actions
07/22/2015Read twice and referred to the Committee on Homeland Security and Governmental Affairs. (Sponsor introductory remarks on measure: CR S5456-5458)
Action By: Senate

Cosponsors (5)

* = Original cosponsor
CosponsorDate Cosponsored
Sen. Warner, Mark R. [D-VA]* 07/22/2015
Sen. Mikulski, Barbara A. [D-MD]* 07/22/2015
Sen. Coats, Daniel [R-IN]* 07/22/2015
Sen. Ayotte, Kelly [R-NH]* 07/22/2015
Sen. McCaskill, Claire [D-MO]* 07/22/2015

Committees (1)

Committees, subcommittees and links to reports associated with this bill are listed here, as well as the nature and date of committee activity and Congressional report number.

Committee / Subcommittee Date Activity Reports
Senate Homeland Security and Governmental Affairs07/22/2015 Referred to

A related bill may be a companion measure, an identical bill, a procedurally-related measure, or one with text similarities. Bill relationships are identified by the House, the Senate, or CRS, and refer only to same-congress measures.


Latest Summary (1)

There is one summary for S.1828. View summaries

Shown Here:
Introduced in Senate (07/22/2015)

Federal Information Security Management Reform Act of 2015

Requires the Department of Homeland Security (DHS), in administering federal agencies' implementation of information system security policies, to: (1) operate consolidated intrusion detection, prevention, or protective capabilities and use of associated countermeasures to protect agency information and systems from security threats; (2) provide incident detection, analysis, mitigation, and response information and remote or onsite technical assistance; (3) develop and conduct impact assessments in consultation with other agencies and private entities; (4) foster development of technologies for use across multiple agencies in conjunction with other agencies and the private sector; and (5) coordinate such information security policies with standards for national security systems and policies issued by the Department of Defense (DOD) and the Director of National Intelligence.

Authorizes the DHS Secretary to acquire, intercept, retain, use, and disclose communications and system traffic transiting to or from or stored on agency information systems and deploy countermeasures if the Secretary certifies that: (1) the measures are reasonably necessary to protect agency information systems from security threats; (2) content of communications will not be retained, and traffic will not be subject to countermeasures, unless associated with a known or reasonably suspected information security threat; (3) the information will be used for law enforcement purposes only with the Attorney General's approval when the information is evidence of a crime; (4) system users have been notified of the potential for such an acquisition or disclosure; and (5) the procedures have been approved by the Attorney General.

Allows agency heads to disclose such information to the Secretary notwithstanding any other law that would otherwise restrict or prevent such disclosures. Provides liability protections to private entities authorized to assist the Secretary for such purposes.

Authorizes the Secretary to: (1) issue a directive to an agency to take any lawful action with respect to the operation of a system that maintains agency information in response to a known or reasonably suspected information security threat, vulnerability, or incident that represents a substantial threat to an agency's information security; or (2) authorize, without prior consultation with the affected agency, the use of protective capabilities under the Secretary's control if there is an imminent threat and a directive is unlikely to be timely.

Exempts DOD and the intelligence community from such procedures.