On December 18, President Obama signed into law five bills that address cybersecurity. The Cybersecurity Enhancement Act of 2014 (S. 1353), amends existing authorities of the National Institute of Standards and Technology (“NIST”) to require the agency to work with the private sector to develop a voluntary, flexible cybersecurity framework for critical infrastructure. This follows the Administration’s Cybersecurity Executive Order 13636 issued on February 12, 2013, that called for NIST to adopt a framework and NIST’s subsequent issuance of the first version of the framework in February 2014, a year later. The bill also requires NIST to promote cybersecurity education and awareness programs as well as encourage cybersecurity research by the federal government.
President Obama also signed into law the following four cybersecurity bills applicable only to government agencies: National Cybersecurity Protection Act (S. 2519), Cybersecurity Workforce Assessment Act (H.R. 2952), Federal Information Security Modernization Act of 2014 (S. 2521), and Border Patrol Agent Pay Reform Act (S. 1691).