Tap any paragraph to write a margin note. Your notes collect in the Desk below the text and file under cases with @. The side-by-side margin rail opens on a larger screen.

§
Marginalia
Code · BILL · 117th Congress · S. 1605 (EAH) — 117 S1605 EAH: National Defense Authorization Act for Fiscal Year 2022 · Sec. 1521

Sec. 1521. Enterprise-wide procurement of cyber data products and services

600 words·~3 min read·/bill/117/s/1605/eah/section-1521·

A research copy — for the controlling text, always check the official state or federal source. Not legal advice.

Not later than one year after the date of the enactment of this Act, the Secretary of Defense shall designate an executive agent for Department of Defense-wide procurement of cyber data products and services. The executive agent shall establish a program management office responsible for such procurement, and the program manager of such program office shall be responsible for the following: Surveying components of the Department for the cyber data products and services needs of such components.
Conducting market research of cyber data products and services. Developing or facilitating development of requirements, both independently and through consultation with components, for the acquisition of cyber data products and services. Developing and instituting model contract language for the acquisition of cyber data products and services, including contract language that facilitates components’ requirements for ingesting, sharing, using and reusing, structuring, and analyzing data derived from such products and services.
Conducting procurement of cyber data products and services on behalf of the Department of Defense, including negotiating contracts with a fixed number of licenses based on aggregate component demand and negotiation of extensible contracts. Carrying out the responsibilities specified in paragraphs
(1)through
(5)with respect to the cyber data products and services needs of the Cyberspace Operations Forces, such as cyber data products and services germane to cyberspace topology and identification of adversary threat activity and infrastructure, including— facilitating the development of cyber data products and services requirements for the Cyberspace Operations Forces, conducting market research regarding the future cyber data products and services needs of the Cyberspace Operations Forces, and conducting acquisitions pursuant to such requirements and market research; coordinating cyber data products and services acquisition and management activities with Joint Cyber Warfighting Architecture acquisition and management activities, including activities germane to data storage, data management, and development of analytics; implementing relevant Department of Defense and United States Cyber Command policy germane to acquisition of cyber data products and services; leading or informing the integration of relevant datasets and services, including Government-produced threat data, commercial cyber threat information, collateral telemetry data, topology-relevant data, sensor data, and partner-provided data; and facilitating the development of tradecraft and operational workflows based on relevant cyber data products and services. In implementing this section, each component of the Department of Defense shall coordinate its cyber data products and services requirements and potential procurement plans relating to such products and services with the program management office established pursuant to subsection
(a)so as to enable such office to determine if satisfying such requirements or procurement of such products and services on an enterprise-wide basis would serve the best interests of the Department. Beginning not later than 540 days after the date of the enactment of this Act, no component of the Department of Defense may independently procure a cyber data product or service that has been procured by the program management office established pursuant to subsection (a), unless— such component is able to procure such product or service at a lower per-unit price than that available through such office; or such office has approved such independent purchase. United States Cyber Command and the National Security Agency may conduct joint procurements of products and services, including cyber data products and services, except that the requirements of subsections
(b)and
(c)shall not apply to the National Security Agency. In this section, the term cyber data products and services means commercially-available datasets and analytic services germane to offensive cyber, defensive cyber, and DODIN operations, including products and services that provide technical data, indicators, and analytic services relating to the targets, infrastructure, tools, and tactics, techniques, and procedures of cyber threats.
★   the supreme law of the land   ★
Don't Tread on Me
E Pluribus Unum — out of many, one

"If you don't know your rights, you don't have any."

Marginalia · a citizen's law index
A research desk, not legal advice. Always read the cited source before relying on a summary.
Questions or an issue? support@self-law.org
disclaimerMarginalia is a research index, not a law firm. Nothing on this site is legal, tax, or financial advice and no attorney–client relationship is formed by using it. Statutes, regulations, and case law change; summaries, search results, AI output, and member posts may be incomplete, out of date, or wrong. Any interpretation drawn from material on this site should be validated by a licensed attorney in your jurisdiction before you act on it.