Data protection measure
Joe Biden Enacts Veterans Affairs Department Cybersecurity Law
President Joe Biden signed into law the Strengthening VA Cybersecurity Act of 2022 on Dec. 27, aiming to enhance protection efforts across the Department of Veterans Affairs and the data it stores. The legislation, which calls for a third-party audit of information technology systems and cyber defense programs, was proposed after hackers breached a department health care payment program in 2020, gaining access to personal information belonging to 46,000 veterans.
Rep. Frank Mrvan led the introduction of the measure in the House of Representatives while Sens. Jacky Rosen and Marsha Blackburn advanced a similar bill in the Senate, FedScoop reported Wednesday.
Under the law, the cyber audit will be undertaken by a federally funded research and development center, which combines public and private sector capabilities. Investigators are tasked with assessing whether VA can ensure the confidentiality, integrity and availability of information systems.
In September, the agency disclosed a potential breach after sensitive source code posted by a contractor on GitHub was copied by foreign users, opening access to software keys that could facilitate entry into federal IT systems. The Cybersecurity and Infrastructure Security Agency discovered the incident and relayed the information to VA.
Tags: cybersecurity Department of Veterans Affairs FedScoop Frank Mrvan personal information Strengthening VA Cybersecurity Act third-party audit