.jpg)
SIFMA joined the Bank Policy Institute and the American Bankers Association in issuing the following statement in response to the bicameral, bipartisan Federal Information Security Modernization Act of 2023 (FISMA), which would improve information security practices at federal agencies:
“Federal agencies should be held to the same standards as private companies when it comes to protecting sensitive consumer data and reporting cybersecurity incidents. FISMA will improve accountability among federal agencies and give financial institutions the critical information they need to protect their customers following a cyber threat.”
The legislation introduced last week (S.2251 and H.R. 4552) includes two key provisions that would enhance transparency over federal agency information security practices. It would:
- Require federal agencies to notify private sector entities whose sensitive information is compromised during an agency cybersecurity incident; and
- Help inform financial institutions of any long-standing federal agency security shortcomings and the effect of those weaknesses by making the information accessible via an inspector general dashboard.
As the U.S. Senate Committee on Homeland Security & Government Affairs considers this legislation, SIFMA, BPI and ABA support these two provisions and look forward to working with Congress on the advancement of FISMA.
We thank the bill sponsors for their leadership on this important issue: Chairman of the Homeland Security and Governmental Affairs Committee Gary Peters (D-MI), Senator Josh Hawley (R-MO), Chairman and Ranking Member of the Committee on Oversight and Accountability James Comer (R-KY) and Jamie Raskin (D-MD), Chairwoman and Ranking Member of the Oversight Subcommittee on Cybersecurity, Information Technology, and Government Innovation Nancy Mace (R-SC) and Gerald E. Connolly (D-VA).
