A bipartisan group of senators has reintroduced legislation that aims to boost the physical and digital security of Federal data centers against potential threats.
The Federal Data Center Enhancement Act – introduced by Sens. Jacky Rosen, D-Nev., Gary Peters, D-Mich., and John Cornyn, R-Texas – would require the Office of Management and Budget to work with Federal agencies to coordinate a government-wide effort to develop strong minimum requirements for cybersecurity, resiliency, availability, and sustainability for new Federal data centers.
These minimum requirements would include standards related to cyber intrusions, data center availability, mission-critical uptime, and resilience against physical attacks, wildfires, and other natural disasters.
“The sensitive information stored on Federal systems cannot be left open to vulnerabilities like cyberattacks or natural disasters,” said Sen. Cornyn in a July 2022 joint release when the senators first introduced the legislation.
“This legislation would help secure Federal data and encourage optimization, which will save taxpayer dollars and protect Americans who entrust their information to the Federal government,” he said.
The bill seeks to build on the success of the Federal government’s effort to consolidate the number of Federal data centers. Since 2010, more than 6,000 Federal data centers have been consolidated, resulting in cost savings and cost avoidance of $5.8 billion. According to the senators, their legislation would build on that success by shifting the policy focus from consolidation to optimization, security, and resiliency.
“The Federal government is responsible for storing considerable amounts of sensitive and personal information – including credit card and social security numbers. We must ensure this data is stored securely and used in a way that does not violate civil rights and liberties,” said Sen. Peters. “This important, bipartisan legislation will ensure that new and existing Federal data centers are protected from cyber-attacks, catastrophic weather events, and other potential disasters.”
“With the increasing threat of cyberattacks and natural disasters, we must ensure the integrity of our nation’s critical information by protecting data centers … This bipartisan bill will enact a new set of security and resiliency standards to keep our data safe,” said Sen. Rosen.
The group of senators first introduced the bill in July 2022. The measure was approved by the Senate Homeland Security and Governmental Affairs Committee – which is chaired by Sen. Peters – but did not receive a vote in the full Senate before the end of the 117th Congress.