Tap any paragraph to write a margin note. Your notes collect in the Desk below the text and file under cases with @. The side-by-side margin rail opens on a larger screen.

§
Marginalia
Code · BILL · 114th Congress · S. 1356 (Enrolled) — To authorize appropriations for fiscal year 2016 for military activities of the Department of Defense, for military c... · Sec. 1648

Sec. 1648. Comprehensive plan and biennial exercises on responding to cyber attacks

593 words·~3 min read·/bill/114/s/1356/enr/section-1648·

A research copy — for the controlling text, always check the official state or federal source. Not legal advice.

Not later than 180 days after the date of the enactment of this Act, the Secretary of Defense shall develop a comprehensive plan for the United States Cyber Command to support civil authorities in responding to cyber attacks by foreign powers (as defined in section 101 of the Foreign Intelligence Surveillance Act of 1978 ( 50 U.S.C. 1801 )) against the United States or a United States person. The plan required by subparagraph
(A)shall include the following: A plan for internal Department of Defense collective training activities that are integrated with exercises conducted with other agencies and State and local governments. Plans for coordination with the heads of other Federal agencies and State and local governments pursuant to the exercises required under clause (i). A list of any other exercises previously conducted that are used in the formulation of the plan required by subparagraph (A), such as Operation Noble Eagle. Descriptions of the roles, responsibilities, and expectations of Federal, State, and local authorities as the Secretary understands them. Descriptions of the roles, responsibilities, and expectations of the active components and reserve components of the Armed Forces. A description of such legislative and administrative action as may be necessary to carry out the plan required by subparagraph (A). The Comptroller General of the United States shall review the plan developed under paragraph (1)(A). Not less frequently than once every two years until the date that is six years after the date of the enactment of this Act, the Secretary of Defense shall, in coordination with the Secretary of Homeland Security, the Director of National Intelligence, the Director of the Federal Bureau of Investigation, and the heads of the critical infrastructure sector-specific agencies designated under Presidential Policy Directive-21 (titled Critical Infrastructure Security Resilience and dated February 12, 2013) and in consultation with Governors of the States and the owners and operators of critical infrastructure, organize and execute one or more exercises based on scenarios in which— critical infrastructure of the United States is attacked through cyberspace; and the President directs the Secretary of Defense to— defend the United States; and provide support to civil authorities in responding to and recovering from cyber attacks, while exercising any guidance derived from the plan developed under subsection
(a)or any subsequent updates to that plan. The purposes of the exercises required by paragraph
(1)are as follows: To exercise command and control, coordination, communications, and information sharing capabilities under the stressing conditions of an ongoing cyber attack. To identify gaps and problems that require new enhanced training, capabilities, procedures, or authorities. To identify— interdependencies; strengths that should be leveraged; and weaknesses that need to be mitigated. In conducting the exercises required by paragraph (1), the Secretary shall ensure that there is an appropriate degree of variation from exercise to exercise of the following: The size, scope, duration, and sophistication of the cyber attacks. The degree of warning and knowledge that is available to the Department of Defense about the attack, the means used in the attack, and the degree of delegation of authority from the President to react, including with pre-planned responses. The effectiveness of the National Mission Force of the United States Cyber Command in preempting and defeating the attack. The effectiveness of the attacks on critical infrastructure in general and particularly in specific industry sectors. The effectiveness of resilience and recovery mechanisms. The Secretary shall coordinate with those with whom the Secretary is required to coordinate under paragraph
(1)to develop equitable cost-sharing agreements to defray the expenses of the exercises required by paragraph (1).
Connectionstraces to 1
Traces to 1 document
Citation graph
cites case law
Sec. 1648
Comprehensive plan and biennial exercises on responding to cyber attacks
U.S.C.§ 1801
Cites 1Cited by 0 across 0 sources
★   the supreme law of the land   ★
Don't Tread on Me
E Pluribus Unum — out of many, one

"If you don't know your rights, you don't have any."

Marginalia · a citizen's law index
A research desk, not legal advice. Always read the cited source before relying on a summary.
Questions or an issue? support@self-law.org
disclaimerMarginalia is a research index, not a law firm. Nothing on this site is legal, tax, or financial advice and no attorney–client relationship is formed by using it. Statutes, regulations, and case law change; summaries, search results, AI output, and member posts may be incomplete, out of date, or wrong. Any interpretation drawn from material on this site should be validated by a licensed attorney in your jurisdiction before you act on it.