The Cybersecurity Act of 2012 (S. 2105) was introduced by Senator Joseph Lieberman in the U.S. Senate on February 14, 2012.
The summary states, "Directs the Secretary of Homeland Security (DHS), in consultation with owners and operators of critical infrastructure, the Critical Infrastructure Partnership Advisory Council, and other federal agencies and private sector entities, to: (1) to conduct a top-level assessment of cybersecurity risks to determine which sectors face the greatest immediate risk, and beginning with the sectors identified as having the highest priority, conduct, on a sector-by-sector basis, cyber risk assessments of the critical infrastructure; (2) establish a procedure for the designation of critical infrastructure; (3) identify or develop risk-based cybersecurity performance requirements; and (4) implement cyber response and restoration plans. Sets forth requirements for securing critical infrastructure, including notification of cyber risks and threats and reporting of significant cyber incidents affecting critical infrastructure.
Defines "critical infrastructure" as systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, or national public health or safety.
Amends the Federal Information Security Management Act of 2002 (FISMA) to revise information security requirements for federal agencies and provide for continuous monitoring of, and streamlined reporting of, cybersecurity risks.
Amends the Homeland Security Act of 2002 to consolidate existing DHA resources for cybersecurity within a National Center for Cybersecurity and Communications. Sets forth the duties of the Center, including managing efforts to secure, protect, and ensure the resiliency of the federal information infrastructure, supporting private sector efforts to protect such infrastructure, prioritizing efforts to address the most significant risks to the information infrastructure, and ensuring privacy protections."