Federal Information Security Modernization Act of 2022
Have a question about what this bill does? Ask in plain English; the answer is drawn from the bill's actual text and official record, and it'll tell you when something isn't in the text rather than guess.
Federal Information Security Modernization Act of 2022
This bill addresses federal information security management, notification and remediation of cybersecurity incidents, and the roles of the Office of Management and Budget (OMB) and the Cybersecurity and Infrastructure Security Agency (CISA).
CISA must perform, on an ongoing and continuous basis, assessments of federal risk posture. The bill requires evaluation by each agency of whether additional cybersecurity procedures are appropriate at least once every three years.
An agency, as expeditiously as practicable and without unreasonable delay, and within 45 days after it has a reasonable basis to conclude that a breach has occurred, must (1) determine whether notice to any individual potentially affected by the breach is appropriate based on a risk assessment; and (2) as appropriate, provide written notice to each individual potentially affected. Notification may be delayed under specified circumstances.
Each agency must provide any information relating to a major incident to CISA, the OMB, the Office of the National Cyber Director, the agency's office of inspector general, the Government Accountability Office, and Congress.
An agency's contractors and grant recipients must notify the agency of an incident involving federal information within a specified time frame.
Each agency shall develop training for individuals at the agency with access to federal information or information systems on how to identify and respond to an incident.
CISA must establish a program to provide ongoing, hypothesis-driven threat-hunting services on the network of each agency.
The bill establishes specified pilot programs to enhance federal cybersecurity.
Ordered to be Reported (Amended) by Voice Vote.
- Introduced in House Formatted Text PDF Formatted XML
Cite this page
U.S. Congress. (2026). H.R. 6497: Federal Information Security Modernization Act of 2022. 117th Congress. Open America. https://openamerica.io/bill/117-HR-6497/
"H.R. 6497: Federal Information Security Modernization Act of 2022." 117th Congress, 2026, Open America, https://openamerica.io/bill/117-HR-6497/.
H.R. 6497, 117th Cong. (2026), https://openamerica.io/bill/117-HR-6497/.
[H.R. 6497: Federal Information Security Modernization Act of 2022](https://openamerica.io/bill/117-HR-6497/)