Tap any paragraph to write a margin note. Your notes collect in the Desk below the text and file under cases with @. The side-by-side margin rail opens on a larger screen.

§
Marginalia
Code · BILL · 117th Congress · S. 2875 (Reported in Senate) — To amend the Homeland Security Act of 2002 to establish the Cyber Incident Review Office in the Cybersecurity and Inf... · Sec. 4

Sec. 4. Federal sharing of incident reports

386 words·~2 min read·/bill/117/s/2875/rs/section-4·

A research copy — for the controlling text, always check the official state or federal source. Not legal advice.

Notwithstanding any other provision of law or regulation, any Federal agency that receives a report from an entity of a cyber attack, including a ransomware attack, shall provide all such information to the Director of the Cybersecurity Infrastructure Security Agency not later than 24 hours after receiving the report, unless a shorter period is required by an agreement made between the Cyber Incident Review Office established under section 2231 of the Homeland Security Act of 2002, as added by section 3(b) of this Act, and another Federal entity. Section 1752(c)(1) of the William M.
(Mac)Thornberry National Defense Authorization Act for Fiscal Year 2021 ( 6 U.S.C. 1500(c)(1) ) is amended— in subparagraph (G), by striking and at the end; by redesignating subparagraph
(H)as subparagraph (I); and by inserting after subparagraph
(G)the following: lead an intergovernmental Cyber Incident Reporting Council, in coordination with the Director of the Office of Management and Budget and the Director of the Cybersecurity and Infrastructure Security Agency and in consultation with Sector Risk Management Agencies (as defined in section 2201 of the Homeland Security Act of 2002 ( 6 U.S.C. 651 )) and other appropriate Federal agencies, to coordinate, deconflict, and harmonize Federal incident reporting requirements, including those issued through regulations, for covered entities (as defined in section 2230 of such Act) and entities that make a ransom payment (as defined in such section 2201 ( 6 U.S.C. 651 )); and . The National Cyber Director shall, in consultation with the Director, the Cyber Incident Reporting Council described in section 1752(c)(1)(H) of the William M.
(Mac)Thornberry National Defense Authorization Act for Fiscal Year 2021 ( 6 U.S.C. 1500(c)(1)(H) ), and the Director of the Office of Management and Budget, to the maximum extent practicable— review existing regulatory requirements, including the information required in such reports, to report cyber incidents and ensure that any such reporting requirements and procedures avoid conflicting, duplicative, or burdensome requirements; and coordinate with the Director and regulatory authorities that receive reports relating to cyber incidents to identify opportunities to streamline reporting processes, and where feasible, facilitate interagency agreements between such authorities to permit the sharing of such reports, consistent with applicable law and policy, without impacting the ability of such agencies to gain timely situational awareness of a covered cyber incident or ransom payment.
Connectionstraces to 2
Citation graph
cites case law
Sec. 4
Federal sharing of incident reports
U.S.C.§ 1500
U.S.C.§ 651
Cites 2Cited by 0 across 0 sources
★   the supreme law of the land   ★
Don't Tread on Me
E Pluribus Unum — out of many, one

"If you don't know your rights, you don't have any."

Marginalia · a citizen's law index
A research desk, not legal advice. Always read the cited source before relying on a summary.
Questions or an issue? support@self-law.org
disclaimerMarginalia is a research index, not a law firm. Nothing on this site is legal, tax, or financial advice and no attorney–client relationship is formed by using it. Statutes, regulations, and case law change; summaries, search results, AI output, and member posts may be incomplete, out of date, or wrong. Any interpretation drawn from material on this site should be validated by a licensed attorney in your jurisdiction before you act on it.