Copyright

Government Information Security Reform Act of 2000: Definition & Purpose

Instructor: Beth Hendricks

Beth holds a master's degree in integrated marketing communications, and has worked in journalism and marketing throughout her career.

GISRA laid the groundwork for the start of cybersecurity initiatives for government agencies. In this lesson, you'll learn more about it, its predecessor and why what came after was stronger because of it.

Government Computing

Washington D.C. is a busy place. There are Congressional meetings to attend, executive orders to be signed and bills to be turned into laws.

Since a lot of the business of the country is conducted electronically, it's important that information can be sent and received securely - without fear of hackers or viruses. Behind the scenes - and even out front - that means there are many people working to keep computer systems and data secure. In fact, in late 1999, two senators thought cybersecurity was so important, they introduced a bill about it and how to protect government devices.


GISRA laid the groundwork for stronger cybersecurity initiatives in the federal government.
FISMA, GISRA, security, cybersecurity, federal, agencies, government, U.S.


1999! If you're old enough to remember things that happened in 1999, you're probably thinking, ''Computers weren't even that big of a deal then!'' USB flash drives had just been developed, and personal computers would set you back almost $3,000.

Yet, it was the birth year of the Thompson-Liebermann Act, the precursor to the subject of our lesson today: The Government Information Security Reform Act of 2000.

GISRA Defined

GISRA is a simpler way to remember - and talk about - the Government Information Security Reform Act. Formerly known as the Thompson-Liebermann Act, it became a federal law requiring offices of the U.S. government to develop a security program to assess its risk to security threats and ways to protect from them.

The two senators involved in getting the ball rolling on GISRA believed that the accessibility of data and the ability to communicate with others almost instantaneously increased security risks that could cause serious breakdowns in important services of the government. The impending fear of what might happen as the calendar year switched over to 2000 (dubbed ''Y2K'') also created some fears about what would happen to computers and data.

Regardless, that's where GISRA got its legs. Specifically GISRA was meant to address the following:

  • Conduct risk assessments to determine system vulnerabilities
  • Create information security plans and programs for agencies
  • Identify and implement security protection methods
  • Address the security of government data and information
  • Provide security awareness training for all employees
  • Continue security plan through lifecycle of computer systems
  • Conduct regular evaluations of security measures

Agencies that failed to include security updates in their annual budgets risked having their funds cut for being out of compliance.

GISRA's real doom was in the lack of detail about security controls, plans and programs that government agencies were required to implement. Instead, they relied on generalities from the National Institute of Standards and Technology (NIST), which simply stated that security initiatives undertaken should match the amount of risk agencies were likely to endure.

GISRA Replaced

Just two years later, GISRA was repealed when the Federal Information Security Management Act, or FISMA was passed. It wasn't a complete failure for GISRA, however, as many of its tenants were carried over and boosted with FISMA.

FISMA describes a more complete plan for keeping government data, assets and day-to-day functionality safe from cybersecurity threats. Agencies would still be required to conduct annual audits, but this time with the goal of meeting pre-defined thresholds. The new plan also details nine other areas to keep agencies FISMA-compliant:

To unlock this lesson you must be a Study.com Member.
Create your account

Register to view this lesson

Are you a student or a teacher?

Unlock Your Education

See for yourself why 30 million people use Study.com

Become a Study.com member and start learning now.
Become a Member  Back
What teachers are saying about Study.com
Try it risk-free for 30 days

Earning College Credit

Did you know… We have over 160 college courses that prepare you to earn credit by exam that is accepted by over 1,500 colleges and universities. You can test out of the first two years of college and save thousands off your degree. Anyone can earn credit-by-exam regardless of age or education level.

To learn more, visit our Earning Credit Page

Create an account to start this course today
Try it risk-free for 30 days!
Create An Account
Support