Sec. 7. Congressional reporting
465 words·~2 min read·
/bill/117/s/2875/rs/section-7A research copy — for the controlling text, always check the official state or federal source. Not legal advice.
Not later than 30 days after the date on which the Director issues the interim final rule under section 2232(b)(1) of the Homeland Security Act of 2002, as added by section 3(b) of this Act, the Director shall submit to the Committee on Homeland Security and Governmental Affairs of the Senate and the Committee on Homeland Security of the House of Representatives a report that describes how the Director engaged stakeholders in the development of the interim final rule. Not later than 1 year after the date of enactment of this Act, the Director shall submit to the Committee on Homeland Security and Governmental Affairs of the Senate and the Committee on Homeland Security of the House of Representatives a report describing how the Cyber Incident Review Office has carried out activities under section 2231(b)(9) of the Homeland Security Act of 2002, as added by section 3(b) of this Act, by proactively identifying opportunities to use cyber incident data to inform and enabling cybersecurity research within the academic and private sector.
Not later than 1 year after the date of enactment of this Act, and annually thereafter for the duration of the pilot program established under section 5, the Director shall submit to the Committee on Homeland Security and Governmental Affairs of the Senate and the Committee on Homeland Security of the House of Representatives a report, which may include a classified annex, on the effectiveness of the pilot program, which shall include a discussion of the following: The effectiveness of the notifications under section 5(c) to mitigate security vulnerabilities and the threat of ransomware.
The identification of most common vulnerabilities utilized in ransomware. The number of notifications issued during the preceding year. To the extent practicable, the number of vulnerable devices or systems mitigated under this pilot by the Agency during the preceding year. Not later than 180 days after the date on which the National Cyber Director convenes the Council described in section 1752(c)(1)(H) of the William M.
(Mac)Thornberry National Defense Authorization Act for Fiscal Year 2021 ( 6 U.S.C. 1500(c)(1)(H) ), the National Cyber Director shall submit to the appropriate congressional committees a report that includes— a list of duplicative Federal cyber incident reporting requirements on covered entities and entities that make a ransom payment; any actions the National Cyber Director intends to take to harmonize the duplicative reporting requirements; and any proposed legislative changes necessary to address the duplicative reporting. Not later than 2 years after the date of enactment of this Act, the Comptroller General of the United States shall submit to the Committee on Homeland Security and Governmental Affairs of the Senate and the Committee on Homeland Security of the House of Representatives a report on the implementation of this Act and the amendments made by this Act.
Connectionstraces to 1
Traces to 1 document
U.S. Code
Citation graph
cites case law
Sec. 7
Congressional reporting
Cites 1Cited by 0 across 0 sources