Tap any paragraph to write a margin note. Your notes collect in the Desk below the text and file under cases with @. The side-by-side margin rail opens on a larger screen.

§
Marginalia
Code · BILL · 117th Congress · H.R. 6497 (Introduced in House) — To modernize Federal information security management and improve Federal cybersecurity to combat persisting and emerg... · Sec. 206

Sec. 206. Implementing zero trust architecture

237 words·~1 min read·/bill/117/hr/6497/ih/section-206·

A research copy — for the controlling text, always check the official state or federal source. Not legal advice.

The Director shall maintain guidance on the adoption of zero trust architecture and not later than 2 years after the date of the enactment of this Act, provide an update to the appropriate congressional committees on progress in increasing the internal defenses of agency systems through such adoption across the government, including— shifting away from trusted networks to implement security controls based on a presumption of compromise; implementing principles of least privilege in administering information security programs; limiting the ability of entities that cause incidents to move laterally through or between agency systems; identifying incidents quickly; isolating and removing unauthorized entities from agency systems as quickly as practicable, accounting for intelligence or law enforcement purposes; otherwise increasing the resource costs for entities that cause incidents to be successful; and a summary of the agency progress reports required under subsection (b).
Not later than 270 days after the date of the enactment of this Act, the head of each agency shall submit to the Director a progress report on implementing an information security program based on a zero trust architecture, which shall include— a description of any steps the agency has completed, including progress toward achieving any requirements issued by the Director, including the adoption of any models or reference architecture; an identification of activities that have not yet been completed and that would have the most immediate security impact; and a schedule to implement any planned activities.
★   the supreme law of the land   ★
Don't Tread on Me
E Pluribus Unum — out of many, one

"If you don't know your rights, you don't have any."

Marginalia · a citizen's law index
A research desk, not legal advice. Always read the cited source before relying on a summary.
Questions or an issue? support@self-law.org
disclaimerMarginalia is a research index, not a law firm. Nothing on this site is legal, tax, or financial advice and no attorney–client relationship is formed by using it. Statutes, regulations, and case law change; summaries, search results, AI output, and member posts may be incomplete, out of date, or wrong. Any interpretation drawn from material on this site should be validated by a licensed attorney in your jurisdiction before you act on it.