FEMA Cybersecurity Improvement Act

The FEMA Cybersecurity Improvement Act would amend the Homeland Security Act of 2002 to make mitigating cybersecurity risks a formal objective for the Federal Emergency Management Agency (FEMA). Specifically, it adds a new focus on preventing cybersecurity risks that could impede FEMA operations and requires FEMA, in coordination with the Cybersecurity and Infrastructure Security Agency (CISA), to develop a plan and report on progress within one year of enactment. The reporting is directed to key House and Senate committees, ensuring congressional oversight. In short, the bill aims to elevate FEMA’s attention to cybersecurity risk as a mission-critical issue and establish a formal reporting requirement to track improvements.