S2251-118

Reported

To improve the cybersecurity of the Federal Government, and for other purposes.

118th Congress Introduced Jul 11, 2023

Analysis under review: This bill has generated analysis that may be too generic or incomplete. Clause-level evidence remains available below.

Summary

What This Bill Does

This bill, To improve the cybersecurity of the Federal Government, and for other purposes., changes federal law or congressional policy affecting federal agencies and legislative administrators. The main policy domain is Government Operations, Technology, Defense.

Who Benefits and How

federal agencies and legislative administrators may benefit from new authority, funding, eligibility, regulatory clarity, or reduced risk created by the bill.

Who Bears the Burden and How

federal implementing agencies may take on implementation duties, reporting obligations, compliance costs, or oversight responsibilities.

Key Provisions

  • Section idBFD9DC6E9430482082CB4EB8C418DD73: 1. Short title; table of contents This Act may be cited as the Federal Information Security Modernization Act of 2023. The table of contents for this Act is as...
  • Section id3af7e09f637e4aabb7d982ff53563f55: 2. Definitions In this Act, unless otherwise specified: The term agency has the meaning given the term in section 3502 of title 44, United States Code. The...
  • Section id75d870a3ffd54523837c51196da4c78f: 3. Amendments to title 44 Subchapter I of chapter 35 of title 44, United States Code, is amended— in section 3504— in subsection (a)(1)(B)— by striking clause...
  • Section id97741c148d3445e7a63932484e84d90f: 3591. Definitions Except as provided in subsection (b), the definitions under sections 3502 and 3552 shall apply to this subchapter. As used in this...
  • Section id78ca636c765140579889407acb629b95: 3592. Notification of breach In this section, the term covered breach means a breach— involving not less than 50,000 potentially affected individuals; or the...

Evidence Chain:

This summary is generated from the full bill text using AI analysis. Expand "Detailed Analysis" below for identified beneficiaries/burden bearers.

At a Glance

What This Bill Does

This bill, To improve the cybersecurity of the Federal Government, and for other purposes., changes federal law or congressional policy affecting federal agencies and legislative administrators.

Key Policy Areas

Government Operations, Technology, Defense

Primary Purpose

This bill, To improve the cybersecurity of the Federal Government, and for other purposes., changes federal law or congressional policy affecting federal agencies and legislative administrators.

Policy Domains

Government Operations Technology Defense

Whole bill

Identified Gains
Contextual inference, no direct clause citation
  • federal agencies and legislative administrators
Model: codex-gpt-5 | Version: bill_summary_v2 | Source: rs

Contextual inference, no direct clause citation

Identified Costs
Contextual inference, no direct clause citation
  • federal implementing agencies
Model: codex-gpt-5 | Version: bill_summary_v2 | Source: rs

Contextual inference, no direct clause citation

Legislative Progress

Reported
Introduced Committee Passed
Dec 9, 2024

Reported by Mr. Peters, with an amendment

Jul 11, 2023

Mr. Peters (for himself and Mr. Hawley) introduced the following …

Stakeholder Effects

cui bono?

How this legislation distributes effects. Mention counts reflect frequency, not effect magnitude.

Government
40 mentions across 27 clauses
+15 positive -25 negative

Agency Chief Information Officers, CISA shared services, Chief Data Officer Council

Positive-direction: CISA shared services, Chief Data Officer Council, Congressional oversight committees, Federal Chief Data Officers, Federal Chief Information Officer, Federal agency CISOs, Federal cybersecurity policy community, Federal cybersecurity professionals, Federal cybersecurity workforce, National Cyber Director office, Office of the National Cyber Director, Senior federal cybersecurity professionals

Negative-direction: Agency Chief Information Officers, Federal agencies, Federal agencies receiving contractor reports, Federal agencies seeking modernization funding, Federal agencies subject to CISA analysis, Federal agencies subject to FISMA requirements, Federal agencies using mobile devices, Federal agencies with high value assets, Federal agencies with open security recommendations, Federal employees with system access, National Cyber Director, Sector Risk Management Agencies

Technology
21 mentions across 16 clauses
+18 positive -3 negative

AI and machine learning cybersecurity vendors, Bug bounty platform operators, Cybersecurity automation tool vendors

Positive-direction: AI and machine learning cybersecurity vendors, Bug bounty platform operators, Cybersecurity automation tool vendors, Cybersecurity penetration testing firms, Data analytics and automation vendors, Data encryption solution vendors, Data loss prevention (DLP) vendors, Federal IT contractors and cybersecurity vendors, Federal IT modernization contractors, Identity and access management (IAM) vendors, Managed security service providers (MSSPs), Penetration testing and security assessment firms, Red team and ethical hacking service providers, Security Information and Event Management (SIEM) vendors, Security operations center technology vendors, Security researchers, Security researchers and ethical hackers, Zero trust architecture solution vendors

Negative-direction: Federal IT contractors, Federal contractors and their employees, Federal contractors handling federal information

General Public
2 mentions across 2 clauses
+2 positive

American public, American public whose data is held by federal agencies

Professional Services
2 mentions across 2 clauses
+2 positive

Cybersecurity consulting firms, Network security consultants

Advocacy Groups
1 mention across 1 clause
+1 positive

Government transparency advocates

Financial Services
1 mention across 1 clause
+1 positive

Private organizations that submit sensitive data to agencies

Manufacturing
1 mention across 1 clause
-1 negative

IoT device manufacturers selling to government

Credit Bureaus
1 mention across 1 clause
+1 positive

Nationwide consumer reporting agencies

38/70
sections analyzed
Full impact breakdown

Bill Structure & Actor Mappings

Who is "The Secretary" in each section?

Domains
Government Operations Technology Defense
Actor Mappings
"secretary_of_defense"
→ Secretary of Defense
"secretary_of_homeland_security"
→ Secretary of Homeland Security

Key Definitions

Terms defined in this bill

7 terms
"covered individual" §id75d870a3ffd54523837c51196da4c78f

an individual who obtains access to a Federal information system because of the status of the individual as— an employee, contractor, awardee, volunteer, or intern of an agency

"covered breach" §id78ca636c765140579889407acb629b95

a breach— involving not less than 50,000 potentially affected individuals

"covered individual" §ida07c3740a43c4fdfb11c2c4832bcab6e

an individual who obtains access to a Federal information system because of the status of the individual as— an employee, contractor, awardee, volunteer, or intern of an agency

"covered individual" §id10f99acb-76c4-410f-83fa-f65ba02f55ca

an individual who obtains access to a Federal information system because of the status of the individual as— an employee, contractor, awardee, volunteer, or intern of an agency

"covered breach" §id7b94d1cd-0771-4330-bce2-61cbab7e37cb

a breach— involving not less than 50,000 potentially affected individuals

"geographic division" §id96ca5cd9-6fc1-438d-8726-86e8fa2b9a00

a geographic division that is among the 9 geographic divisions determined by the Bureau of the Census. The term rural hospital means a healthcare facility that— is located in a non-urbanized area, as determined by the Bureau of the Census

"covered individual" §idcda66a0e-6e03-4248-b800-ee34929baad6

an individual who obtains access to a Federal information system because of the status of the individual as— an employee, contractor, awardee, volunteer, or intern of an agency

We use a combination of our own taxonomy and classification in addition to large language models to assess meaning and potential beneficiaries. High confidence means strong textual evidence. Always verify with the original bill text.

Learn more about our methodology