FEMA Cybersecurity Improvement Act

House Votes

This measure tells FEMA to strengthen its own cybersecurity so hackers can’t slow or stop its disaster work. It adds cyber risk reduction to FEMA’s core duties and has FEMA work closely with the Cybersecurity and Infrastructure Security Agency (CISA). Within one year after it becomes law, FEMA must report on its progress to Congress, explaining how it is finding and fixing cyber risks inside the agency.

Key points:

• Who is affected: FEMA and, indirectly, people who rely on FEMA during disasters.
• What changes: FEMA must actively reduce cybersecurity risks that could disrupt its operations and coordinate with CISA; it must also deliver a progress report.
• When: After the law takes effect, the report is due within one year.