Sec. 302. Active cyber defensive study
198 words·~1 min read·
/bill/117/hr/6497/ih/section-302A research copy — for the controlling text, always check the official state or federal source. Not legal advice.
In this section, the term active defense technique has the meaning given in guidance issued by the Director, in coordination with the Attorney General. Not later than 180 days after the date of the enactment of this Act, the Director of the Cybersecurity and Infrastructure Security Agency, in coordination with the Director and the National Cyber Director, shall perform a study on the use of active defense techniques to enhance the security of agencies, which shall include— a review of legal restrictions on the use of different active cyber defense techniques in Federal environments, in consultation with the Attorney General; an evaluation of— the efficacy of a selection of active defense techniques determined by the Director of the Cybersecurity and Infrastructure Security Agency; and factors that impact the efficacy of the active defense techniques evaluated under subparagraph (A); recommendations on safeguards and procedures that shall be established to require that active defense techniques are adequately coordinated to ensure that active defense techniques do not impede agency operations and mission delivery, threat response efforts, criminal investigations, and national security activities, including intelligence collection; and the development of a framework for the use of different active defense techniques by agencies.