Sec. 310. Intelligence community assistance for nationally significant critical infrastructure
777 words·~4 min read·
/bill/114/s/3017/pcs/section-310A research copy — for the controlling text, always check the official state or federal source. Not legal advice.
In this section: The term covered critical infrastructure means the critical infrastructure identified pursuant to section 9(a) of Executive Order 13636 of February 12, 2013 (78 Fed. Reg. 11742; related to improving critical infrastructure cybersecurity). The term covered cyber asset means an information system or industrial control system that is essential to the operation of covered critical infrastructure. Except as otherwise specifically provided, the term program means the program required by subsection (b).
The term Secretary means the Secretary of Homeland Security. The term sector-specific agency has the meaning given that term in Presidential Policy Directive-21, issued February 12, 2013 (related to critical infrastructure security and resilience), or any successor. The term voluntary participant means an entity eligible to participate in the program under subsection (e)(2) that has voluntarily elected to participate in the program. Not later than 180 days after the date of the enactment of this Act, the Director of National Intelligence and the Secretary, in consultation with covered critical infrastructure and sector-specific agencies, shall establish and carry out a program to provide assistance from the elements of the intelligence community to covered critical infrastructure consistent with subsection (g).
The objective of the program shall be to provide guidance and assistance from the elements of the intelligence community to covered critical infrastructure in order to reduce the risk of regional or national catastrophic harm caused by a cyber attack against covered critical infrastructure. The Director of National Intelligence and the Secretary shall appoint a director of the program. The program shall include the participation of the following: The Office of Intelligence and Analysis of the Department of Homeland Security.
The Federal Bureau of Investigation. The Office of Intelligence and Counterintelligence of the Department of Energy, including the appropriate elements of the Department of Energy National Laboratories. The Central Intelligence Agency. The National Security Agency. The National Intelligence Manager for cyber. The Office of Intelligence and Analysis of the Department of the Treasury. Participation in the program by entities external to the intelligence community shall be on a voluntary basis and subject to approval by the director of the program and may include the following:
Covered critical infrastructure. Vendors and manufacturers of covered cyber assets, and the components of such systems. Systems Integrators and other commercial enterprises that provide configuration or remote services for covered cyber assets. Appropriate personnel of the Information Sharing and Analysis Organizations of covered critical infrastructure sectors. Any entity nominated for participation by an owner or operator of covered critical infrastructure. The director of the program is authorized to carry out activities to expand cooperation among private sector participants and the intelligence community in order to achieve the objective set out in subsection (c), as follows:
Sponsorship of security clearances for appropriate personnel of the Information Sharing and Analysis Organizations of certain critical infrastructure sectors, and expedite security clearances, when appropriate. The establishment of an interagency framework, in consultation with voluntary participants, to determine a strategy to effectively leverage intelligence community resources made available to protect covered critical infrastructure or to fulfill such objective. Within the existing framework governing intelligence prioritization, the identification of intelligence collection requirements relevant to the security of covered cyber assets and covered critical infrastructure.
Collaborative efforts with voluntary participants to improve the detection, prevention, and mitigation of unauthorized activity conducted by foreign actors against or concerning covered critical infrastructure, including espionage. The provision of assistance regarding the research, design, and development of protective and mitigation measures for covered cyber assets, the networks utilized by covered cyber assets, and the components of covered cyber assets to voluntary participants.
The provision of technical assistance and input to voluntary participants for testing and exercises related to covered cyber assets. This section shall be carried out in a manner consistent with the existing roles, responsibilities, authorities, and programs of the United States Government. A voluntary participant in the program that is covered critical infrastructure shall not be required to reimburse the United States Government for the use of any facility, personnel, contractor, equipment, service, or information of the United States Government utilized in an activity carried out pursuant to the program.
The Director of National Intelligence shall consider the national significance of covered critical infrastructure in the Director's process for prioritizing requirements and effectively allocating the resources of the intelligence community for assisting government efforts to help protect critical infrastructure owned or operated in the private sector. Nothing in this section may be construed to authorize the Director of National Intelligence, the Secretary, or any other Federal regulator to promulgate new regulations.
Nothing in this section may be construed to limit any authority or responsibility of an agency under existing law.
Connectionstraces to 1
Traces to 1 document
1 reference not yet in our index
- 78 FR 11742
Citation graph
cites case law
Sec. 310
Intelligence community assistance for nationally significant critical infrastructure
Fed. Reg.78 FR 11742
Cites 2Cited by 0 across 0 sources