Which federal act provides the legal authority for information security modernization?

This question hinges on understanding which law provides the authority to update and run the government’s information security program across federal agencies. The Federal Information Security Modernization Act of 2014 establishes the legal framework for modernizing information security in the federal government. It updates and strengthens FISMA by requiring agencies to implement a comprehensive information security program, use a risk-based approach, and adopt continuous monitoring and regular reporting. It also ties security controls to established standards and frameworks from NIST, keeping security measures current as technology and threats evolve. That direct mandate to modernize and maintain security across federal information systems is why this act is the best answer. The other acts focus on different areas—privacy protection, the creation and duties of the Department of Homeland Security, or national security and intelligence—rather than providing the overarching authority to modernize information security programs nationwide.