Tap any paragraph to write a margin note. Your notes collect in the Desk below the text and file under cases with @. The side-by-side margin rail opens on a larger screen.

§
Marginalia
Code · BILL · 115th Congress · H.R. 945 (Introduced in House) — To codify the objective of Presidential Policy Directive 21 to improve critical infrastructure security and resilienc... · Sec. 8

Sec. 8. Implementation by Department of Homeland Security

1,184 words·~5 min read·/bill/115/hr/945/ih/section-8

A research copy — for the controlling text, always check the official state or federal source. Not legal advice.

Within 120 days after the date of the enactment of this Act, the Secretary of Homeland Security shall conduct research and develop a description of the functional relationships within the Department of Homeland Security and across the Federal Government related to critical infrastructure security and resilience. The description shall— include the roles and functions of the 2 national critical infrastructure centers and a discussion of the analysis and integration function; serve as a roadmap for critical infrastructure owners and operators and SLTTs to navigate the Federal Government’s functions and primary points of contact assigned to those functions for critical infrastructure security and resilience against both physical and cyber threats; and include identification of every contact within the Federal Government for critical infrastructure protection security and resilience, by company and industry.
The Secretary shall prepare a report on efforts to coordinate this effort with the SSAs and other relevant Federal departments and agencies. The Secretary shall provide the description, supported by agency-conducted research, to the President through the Assistant to the President for Homeland Security and Counterterrorism, and to the relevant congressional homeland security oversight committees. Within 150 days after the date of the enactment of this Act, the Secretary of Homeland Security, in coordination with the SSAs, other relevant Federal departments and agencies, SLTTs, and critical infrastructure owners and operators, shall conduct an analysis of the existing public-private partnership model, evaluate its effectiveness, and recommend options for improving the effectiveness of the partnership in both the physical and cyber space.
The research and recommendations shall— consider options to streamline or automate (or both) processes for collaboration and exchange of terrorism-related information and to minimize duplication of effort; consider how the model for terrorism information exchange can be flexible and adaptable to meet the unique needs of individual critical infrastructure sectors while providing a focused, disciplined, and effective approach for the Federal Government to coordinate with the critical infrastructure owners and operators and with SLTTs governments; and result in recommendations to enhance partnerships to be approved for implementation by the President.
Within 18 months after the date of the enactment of this Act, the Secretary of Homeland Security, in coordination with the SSAs and other Federal departments and agencies, shall convene a team of researchers to identify baseline data and systems requirements— to enable the efficient exchange of terrorism information and intelligence relevant to strengthening the security and resilience of critical infrastructure; and for sharing of data and interoperability of systems to enable the timely exchange of terrorism or terrorist threat data and information to secure critical infrastructure and make it more resilient.
The experts shall include representatives from— those entities that routinely possess information important to critical infrastructure security and resilience; those entities that determine and manage information technology systems used to exchange information; and those entities responsible for the security of information being exchanged. Analysis by such team of experts shall include— interoperability with critical infrastructure partners; identification of key data and the information requirements of key Federal, SLTT, and private sector entities; availability, accessibility, and formats of data; the ability to exchange various classifications of information; the security of those systems to be used; and appropriate protections for individual privacy and civil liberties.
The Secretary shall provide such analysis to the President through the Assistant to the President for Homeland Security and Counterterrorism, and to congressional homeland security oversight committees. Within 2 years after the date of the enactment of this Act, the Secretary of Homeland Security shall demonstrate a near real-time situational awareness, research-based pilot project for critical infrastructure that— includes threat streams and all-hazards information as well as vulnerabilities; provides the status of critical infrastructure and potential cascading effects; supports decisionmaking; disseminates critical information that may be needed to save or sustain lives, mitigate damage, or reduce further degradation of a critical infrastructure capability throughout an incident; and is available for and covers physical and cyber elements of critical infrastructure, and enables an integration of information as necessitated by an incident.
Within 18 months after the date of the enactment of this Act, the Secretary of Homeland Security shall provide to the President, through the Assistant to the President for Homeland Security and Counterterrorism and the congressional homeland security oversight committees, a research report that outlines the National Infrastructure Protection Plan to address the implementation of this Act, the requirements of title II of the Homeland Security Act of 2002 ( 6 U.S.C. 121 et seq.), and alignment with the National Preparedness Goal and System required by Presidential Policy Directive 8.
The plan shall include— identification of a risk management framework to be used to strengthen the security and resilience of critical infrastructure against terrorist threats; the methods to be used to prioritize critical infrastructure in the event of a terrorism event that impacts multiple infrastructure systems; the protocols to be used to synchronize communication and actions within the Federal Government to effectively respond to critical infrastructure terrorist threats or events; and a metrics and analysis process to be used to measure the Nation’s ability to manage and reduce terrorism risks to critical infrastructure.
The plan shall reflect the terrorism threat identification, prevention, mediation, and recovery relationships within the Department of Homeland Security and across the Federal Government identified under this Act and the updates to the public-private partnership model under this Act. The plan shall consider sector dependencies on energy and communications systems during a terrorism event, and identify pre-event and mitigation measures or alternate capabilities during disruptions to those systems.
The Secretary shall coordinate activities under this subsection with the SSAs, other relevant Federal departments and agencies, SLTTs, and critical infrastructure owners and operators. The plan shall include an analysis of the feasibility of developing terrorism response plans, based on research conducted on the resilience of critical infrastructure when faced with terrorism threats, that focus on action plans to achieve a level of function and eventual recovery of full operability of critical infrastructure post-cyber attack.
Within 2 years after the date of the enactment of this Act, the Secretary of Homeland Security, in coordination with the Office of Science and Technology Policy, the SSAs, the Department of Commerce, and other Federal departments and agencies, shall provide to the President, through the Assistant to the President for Homeland Security and Counter­terrorism, a National Critical Infrastructure Security and Resilience Research and Development Plan that takes into account the evolving threat landscape, annual metrics, and other relevant information to identify priorities and guide research and development requirements and investments.
The Secretary shall reissue the plan every 4 years after its initial issuance, and make interim updates as needed. Policy coordination, dispute resolution, and periodic in-progress reviews for the implementation of this Act shall be carried out consistent with Presidential Policy Directive 1, including the use of interagency policy committees coordinated by the national security staff. Nothing in this Act alters, supersedes, or impedes the authorities of Federal departments and agencies, including independent regulatory agencies, to carry out their functions and duties consistent with applicable legal authorities and other Presidential guidance and directives, including the designation of critical infrastructure under such authorities.
Connectionstraces to 1
Traces to 1 document
Citation graph
cites case law
Sec. 8
Implementation by Department of Homeland Security
U.S.C.§ 121
Cites 1Cited by 0 across 0 sources
★   the supreme law of the land   ★
Don't Tread on Me
E Pluribus Unum — out of many, one

"If you don't know your rights, you don't have any."

Marginalia · a citizen's law index
A research desk, not legal advice. Always read the cited source before relying on a summary.
Questions or an issue? support@self-law.org
disclaimerMarginalia is a research index, not a law firm. Nothing on this site is legal, tax, or financial advice and no attorney–client relationship is formed by using it. Statutes, regulations, and case law change; summaries, search results, AI output, and member posts may be incomplete, out of date, or wrong. Any interpretation drawn from material on this site should be validated by a licensed attorney in your jurisdiction before you act on it.