Sec. 1805. Cybersecurity information sharing and coordination in ports
736 words·~3 min read·
/bill/115/hr/302/eah/section-1805A research copy — for the controlling text, always check the official state or federal source. Not legal advice.
The Secretary of Homeland Security, through the Commandant of the Coast Guard and the Under Secretary responsible for overseeing the critical infrastructure protection, cybersecurity, and other related programs of the Department of Homeland Security, shall— not later than 1 year after the date of enactment of this Act, coordinate with the National Maritime Security Advisory Committee, the Area Maritime Security Advisory Committees, and other maritime stakeholders, as necessary, to develop and implement a maritime cybersecurity risk assessment model, consistent with the activities described in section 2(e) of the National Institute of Standards and Technology Act ( 15 U.S.C. 272(e) ), to evaluate current and future cybersecurity risks that have the potential to affect the marine transportation system or that would cause a transportation security incident (as defined in section 70101 of title 46, United States Code) in ports; and not less than biennially thereafter, evaluate the effectiveness of the cybersecurity risk assessment model established under paragraph (1).
Section 70101 of title 46, United States Code, is amended— by redesignating paragraphs
(2)through
(6)as paragraphs
(3)through (7), respectively; and by inserting after paragraph
(1)the following: The term cybersecurity risk has the meaning given the term in section 227 of the Homeland Security Act of 2002 ( 6 U.S.C. 148 ). . Section 70112(a)(1)(A) of title 46, United States Code, is amended by inserting before the semicolon the following: “, including on enhancing the sharing of information related to cybersecurity risks that may cause a transportation security incident, between relevant Federal agencies and— State, local, and tribal governments; relevant public safety and emergency response agencies; relevant law enforcement and security organizations; maritime industry; port owners and operators; and terminal owners and operators; . The Commandant of the Coast Guard and the Under Secretary responsible for overseeing the critical infrastructure protection, cybersecurity, and other related programs of the Department of Homeland Security shall— ensure there is a process for each Area Maritime Security Advisory Committee established under section 70112 of title 46, United States Code— to facilitate the sharing of information related to cybersecurity risks that may cause transportation security incidents; to timely report transportation security incidents to the national level; and to disseminate such reports across the entire maritime transportation system via the National Cybersecurity and Communications Integration Center; and issue voluntary guidance for the management of such cybersecurity risks in each Area Maritime Transportation Security Plan and facility security plan required under section 70103 of title 46, United States Code, approved after the date that the cybersecurity risk assessment model is developed under subsection
(a)of this section. Section 70102(b)(1) of title 46, United States Code, is amended— in the matter preceding subparagraph (A), by striking and by not later than December 31, 2004 ; and in subparagraph (C), by inserting security against cybersecurity risks, after physical security, . Section 70103 of title 46, United States Code, is amended— in subsection (a)(1), by striking Not later than April 1, 2005, the and inserting The ; in subsection (a)(2), by adding at the end the following: A plan to detect, respond to, and recover from cybersecurity risks that may cause transportation security incidents. ; in subsection (b)(2)— in subparagraph (G)(ii), by striking ; and and inserting a semicolon; by redesignating subparagraph
(H)as subparagraph (I); and by inserting after subparagraph
(G)the following: include a plan for detecting, responding to, and recovering from cybersecurity risks that may cause transportation security incidents; and ; and in subsection (c)(3)(C)— in clause (iv), by striking ; and and inserting a semicolon; by redesignating clause
(v)as clause (vi); and by inserting after clause
(iv)the following: detecting, responding to, and recovering from cybersecurity risks that may cause transportation security incidents; and . The amendments made by this subsection shall apply to assessments or security plans, or updates to such assessments or plans, submitted after the date that the cybersecurity risk assessment model is developed under subsection (a). Not later than 1 year after the date of enactment of this Act, the Commandant of the Coast Guard and the Under Secretary responsible for overseeing the critical infrastructure protection, cybersecurity, and other related programs of the Department of Homeland Security shall provide to the appropriate committees of Congress a briefing on how the Coast Guard will assist in security and response in the port environment when a cyber-caused transportation security incident occurs, to include the use of cyber protection teams.
Connectionstraces to 1
Traces to 1 document
1 reference not yet in our index
- 6 USC 148
Citation graph
cites case law
Cites 2Cited by 0 across 0 sources