As ordered reported by the Senate Committee on Homeland Security and Governmental Affairs... S. 3480 would amend the Federal Information Security Management Act of 2002 (FISMA) to strengthen and coordinate security controls over computer information systems across federal civilian agencies. In addition, the legislation would aim to increase the security of privately owned computer networks for online communication and prevent intentional disruptions of such networks. S. 3480 would establish new offices, require additional testing of computer systems, and provide federal agencies with new authorities and responsibilities related to information security.
Based on information from the Department of Homeland Security (DHS), the Office of Management and Budget (OMB), and other major agencies involved in cybersecurity, CBO estimates that implementing S. 3480 would cost $1.5 billion over the 2011-2015 period, assuming appropriation of the necessary amounts. Most of those funds would be spent on salaries, expenses, and computer hardware and software.
The Executive Office of the President currently employs a coordinator to manage cybersecurity policies. Title I would expand that role and establish an Office of Cyberspace Policy within the Executive Office of the President. The office would advise the President and help coordinate all cybersecurity regulations, standards, and strategies.
Based on information provided by OMB and the cost of similar offices and programs, CBO estimates that creating the new office would cost about $30 million a year once fully implemented. We expect that the office would steadily expand its budget and staff over three years before it reached that level of effort and estimate that implementing the title would cost $115 million over the 2011-2015 period.
Read full at CBO