Tap any paragraph to write a margin note. Your notes collect in the Desk below the text and file under cases with @. The side-by-side margin rail opens on a larger screen.

§
Marginalia
Code · BILL · 117th Congress · S. 2666 (Introduced in Senate) — To address threats relating to ransomware, and for other purposes. · Sec. 2

Sec. 2. Cybersecurity standards for critical infrastructure

253 words·~1 min read·/bill/117/s/2666/is/section-2

A research copy — for the controlling text, always check the official state or federal source. Not legal advice.

Title XXII of the Homeland Security Act of 2002 ( 6 U.S.C. 651 et seq. ) is amended by adding at the end the following: In this subtitle, the term critical infrastructure entity means an owner or operator of critical infrastructure. The Secretary, in consultation with the Director of the Cybersecurity and Infrastructure Security Agency, shall develop and promulgate mandatory cybersecurity standards for critical infrastructure entities. In developing the cybersecurity standards required under subsection (a), the Secretary shall— to the greatest extent practicable, ensure the cybersecurity standards are consistent with Federal regulations existing as of the date on enactment of the Sanction and Stop Ransomware Act of 2021 ; and in coordination with the Director of the National Institute of Standards and Technology, ensure that the cybersecurity standards incorporate, to the greatest extent practicable, the standards developed with facilitation and support from the Director of the National Institute of Standards and Technology under section 2(c)(15) of the National Institute of Standards and Technology Act ( 15 U.S.C. 272(c)(15) ).
Not less frequently than annually, the Secretary, in coordination with the heads of Sector Risk Management Agencies, shall assess the compliance of each critical infrastructure entity with the cybersecurity standards developed under subsection (a). . The table of contents in section 1(b) of the Homeland Security Act of 2002 ( Public Law 107–296 ; 116 Stat. 2135) is amended by adding at the end the following: Subtitle C—Cybersecurity standards for critical infrastructure Sec. 2231.
Definition of critical infrastructure entity. Sec. 2232. Cybersecurity standards. .
Connectionstraces to 2
2 references not yet in our index
  • Pub. L. 107-296
  • 116 Stat. 2135
Citation graph
cites case law
Sec. 2
Cybersecurity standards for critical infrastructure
U.S.C.§ 651
U.S.C.§ 272
Pub. L.Pub. L. 107-296
Stat.116 Stat. 2135
Cites 4Cited by 0 across 0 sources
★   the supreme law of the land   ★
Don't Tread on Me
E Pluribus Unum — out of many, one

"If you don't know your rights, you don't have any."

Marginalia · a citizen's law index
A research desk, not legal advice. Always read the cited source before relying on a summary.
Questions or an issue? support@self-law.org
disclaimerMarginalia is a research index, not a law firm. Nothing on this site is legal, tax, or financial advice and no attorney–client relationship is formed by using it. Statutes, regulations, and case law change; summaries, search results, AI output, and member posts may be incomplete, out of date, or wrong. Any interpretation drawn from material on this site should be validated by a licensed attorney in your jurisdiction before you act on it.