Federal Information Security Modernization Act of 2014
GPTKB entity
Statements (54)
| Predicate | Object |
|---|---|
| gptkbp:instance_of |
gptkb:legislation
gptkb:United_States_federal_law |
| gptkbp:addresses |
cybersecurity threats
|
| gptkbp:amends |
gptkb:Federal_Information_Security_Management_Act_of_2002
|
| gptkbp:effective_date |
April 2014
January 1, 2015 |
| gptkbp:enacted_by |
gptkb:United_States_Congress
|
| gptkbp:encourages |
the development of incident response plans
the adoption of cloud computing security measures the development of cybersecurity research the use of best practices in information security |
| gptkbp:enhances |
collaboration between federal agencies and private sector
|
| gptkbp:establishes |
a framework for managing information security risks
a process for continuous monitoring of information systems a framework for securing federal information systems |
| gptkbp:facilitates |
the sharing of threat intelligence
the establishment of a cybersecurity framework the assessment of cybersecurity capabilities |
| https://www.w3.org/2000/01/rdf-schema#label |
Federal Information Security Modernization Act of 2014
|
| gptkbp:improves |
reporting of cybersecurity incidents
|
| gptkbp:influences |
state and local government cybersecurity policies
|
| gptkbp:mandates |
annual assessments of information security programs
the reporting of security breaches the appointment of Chief Information Security Officers in federal agencies the evaluation of cybersecurity risks the evaluation of security incidents the training of incident response teams |
| gptkbp:oversees |
the National Institute of Standards and Technology
|
| gptkbp:promotes |
collaboration between federal agencies and private sector
the use of multi-factor authentication information sharing among federal agencies the use of encryption for sensitive data the use of secure coding practices |
| gptkbp:provides |
guidelines for risk management
for the protection of personal information guidelines for reporting security incidents |
| gptkbp:purpose |
to improve the security of federal information systems
|
| gptkbp:requires |
cybersecurity training for federal employees
federal agencies to develop and implement information security programs the implementation of access controls the implementation of security controls the assessment of third-party service providers the creation of a risk management strategy the documentation of security policies |
| gptkbp:signed_by |
gptkb:President_Barack_Obama
|
| gptkbp:supports |
the development of cybersecurity workforce
the development of incident response capabilities the establishment of cybersecurity metrics the establishment of cybersecurity awareness programs the establishment of cybersecurity governance frameworks the establishment of cybersecurity policies |
| gptkbp:bfsParent |
gptkb:FISMA
gptkb:Federal_Information_Security_Modernization_Act_(FISMA)_compliance |
| gptkbp:bfsLayer |
5
|