Tap any paragraph to write a margin note. Your notes collect in the Desk below the text and file under cases with @. The side-by-side margin rail opens on a larger screen.

§
Marginalia
Code · BILL · 117th Congress · H.R. 6497 (Introduced in House) — To modernize Federal information security management and improve Federal cybersecurity to combat persisting and emerg... · Sec. 103

Sec. 103. Actions to enhance Federal incident response

631 words·~3 min read·/bill/117/hr/6497/ih/section-103

A research copy — for the controlling text, always check the official state or federal source. Not legal advice.

Not later than 180 days after the date of the enactment of this Act, the Director of the Cybersecurity and Infrastructure Security Agency shall— develop a plan for the development of the analysis required under section 3597(a) of title 44, United States Code, as added by this Act, and the report required under subsection
(b)of that section that includes— a description of any challenges the Director anticipates encountering; and the use of automation and machine-readable formats for collecting, compiling, monitoring, and analyzing data; and provide to the appropriate congressional committees a briefing on the plan developed under subparagraph (A). Not later than 1 year after the date of the enactment of this Act, the Director of the Cybersecurity and Infrastructure Security Agency shall provide to the appropriate congressional committees a briefing on— the execution of the plan required under paragraph (1)(A); and the development of the report required under section 3597(b) of title 44, United States Code, as added by this Act. Section 2 of the Federal Information Security Modernization Act of 2014 ( Public Law 113–283 ; 44 U.S.C. 3554 note) is amended— by striking subsection (b); and by redesignating subsections
(c)through
(f)as subsections
(b)through (e), respectively. The Director shall develop guidance, to be updated not less frequently than once every 2 years, on the content, timeliness, and format of the information provided by agencies under section 3594(a) of title 44, United States Code, as added by this Act. Not later than 1 year after the date of the enactment of this Act, the Director shall develop guidance for agencies to implement the requirement under section 3594(c) of title 44, United States Code, as added by this Act, to provide information to other agencies experiencing incidents. Not later than 1 year after the date of the enactment of this Act, the Director, in consultation with the Director of the Cybersecurity and Infrastructure Security Agency, shall develop guidance and templates, to be reviewed and, if necessary, updated not less frequently than once every 2 years, for use by Federal agencies in the activities required under sections 3592, 3593, and 3596 of title 44, United States Code, as added by this Act. Not later than 1 year after the date of the enactment of this Act, the Director, in coordination with the Secretary of Homeland Security, the Secretary of Defense, the Administrator of General Services, and the heads of other agencies determined appropriate by the Director, shall issue guidance to Federal agencies on how to deconflict, to the greatest extent practicable, existing regulations, policies, and procedures relating to the responsibilities of contractors and awardees established under section 3595 of title 44, United States Code, as added by this Act. To the greatest extent practicable, the guidance issued under subparagraph
(A)shall allow contractors and awardees to use existing processes for notifying Federal agencies of incidents involving information of the Federal Government. Not less frequently than once every 2 years, the Director shall provide to the appropriate congressional committees an update on the guidance and templates developed under paragraphs
(2)through (4). Section 552a(b) of title 5, United States Code (commonly known as the Privacy Act of 1974 ) is amended— in paragraph (11), by striking or at the end; in paragraph (12), by striking the period at the end and inserting ; or ; and by adding at the end the following: to another agency in furtherance of a response to an incident (as defined in section 3552 of title 44) and pursuant to the information sharing requirements in section 3594 of title 44, if the head of the requesting agency has made a written request to the agency that maintains the record specifying the particular portion desired and the activity for which the record is sought. .
Connectionstraces to 2
Citation graph
cites case law
Sec. 103
Actions to enhance Federal incident response
Pub. L.Public Law 113-283
U.S.C.§ 3554
Cites 2Cited by 0 across 0 sources
★   the supreme law of the land   ★
Don't Tread on Me
E Pluribus Unum — out of many, one

"If you don't know your rights, you don't have any."

Marginalia · a citizen's law index
A research desk, not legal advice. Always read the cited source before relying on a summary.
Questions or an issue? support@self-law.org
disclaimerMarginalia is a research index, not a law firm. Nothing on this site is legal, tax, or financial advice and no attorney–client relationship is formed by using it. Statutes, regulations, and case law change; summaries, search results, AI output, and member posts may be incomplete, out of date, or wrong. Any interpretation drawn from material on this site should be validated by a licensed attorney in your jurisdiction before you act on it.