Department of Veterans Affairs Cyber Security Protection Act

[AI summary unavailable — showing source text] Department of Veterans Affairs Cyber Security Protection Act Directs the Assistant Secretary of Veterans Affairs for Information and Technology to submit to the congressional veterans committees (under current law only to the Secretary of Veterans Affairs) quarterly reports on Department of Veterans Affairs (VA) compliance with federally-required information security improvements. Directs the Assistant Secretary to submit to such committees: (1) quarterly, a plan of action to address critical known VA information security vulnerabilities; and (2) annually, a plan for identifying and replacing VA operating systems that are out-of-date or unsupported. Directs the Assistant Secretary to ensure that any software or Internet applications used on VA operating systems are secure from vulnerabilities that could affect the confidentiality of sensitive personal information on veterans. Directs the Secretary to: report quarterly to such committees on any incidents of failure to comply with established information security policies, any actions taken in response to such incidents, and certain related information; submit a strategic plan to such committees for improving VA information security …