Bill Would Allow Firing of Agency Heads after a Cyber Attack
A bill introduced this week in the House would allow for harsher punishment of agency heads if a data breach occurs under their watch.
Authored by Rep. Ralph Abraham, R-La., the Cybersecurity Responsibility and Accountability Act of 2016 says if a major data breach occurs "in part or in whole" because an agency head "failed to comply sufficiently with the information security requirements, recommendations, or standards," the director of the Office of Management and Budget can recommend his or her removal.
The bill would also let OMB’s director ensure that the agency’s head does not receive “any cash or pay awards or bonuses for a period of one year after submission of the explanation” for the incident.
Designed to increase "accountability so that we can hold agency heads responsible when they fail to correct security vulnerabilities identified by inspectors," the legislation also calls on the National Institute of Standards and Technology director to identify major information security concerns for agencies and supporting agencies in information security training and certification.
If the bill is enacted, NIST, OMB and the Homeland Security Department would also collaborate on a job description for agency chief information security officers within six months.