Tap any paragraph to write a margin note. Your notes collect in the Desk below the text and file under cases with @. The side-by-side margin rail opens on a larger screen.

§
Marginalia
Code · BILL · 117th Congress · S. 3894 (Introduced in Senate) — To amend the Homeland Security Act of 2002 to authorize the Secretary of Homeland Security to establish a continuous... · Sec. 3

Sec. 3. Federal intrusion detection and prevention system and continuous diagnostics and mitigation pilot program for State, local, Tribal, and territorial governments

572 words·~3 min read·/bill/117/s/3894/is/section-3·

A research copy — for the controlling text, always check the official state or federal source. Not legal advice.

In this section— the terms local government and State have the meanings given those terms in section 3 of the Homeland Security Act of 2002 ( 6 U.S.C. 101 ); the term Secretary means the Secretary of Homeland Security; and the term Tribal government means the recognized governing body of any Indian or Alaska Native Tribe, band, nation, pueblo, village, community, component band, or component reservation, that is individually identified (including parenthetically) in the most recent list published pursuant to section 104 of the Federally Recognized Indian Tribe List Act of 1994 ( 25 U.S.C. 5131 ).
The Secretary shall conduct a Continuous Diagnostics and Mitigation Pilot Program with not less than 5 State, local, Tribal, or territorial governments to— promote the use of technologies and services in the continuous diagnostics and mitigation program described in subsection
(g)of section 2213 of the Homeland Security Act of 2002 ( 6 U.S.C. 663 ), as added by section 2 of this Act, at the State, local, Tribal, and territorial government level; with or without reimbursement, make accessing the technologies and services described in paragraph
(1)by State, local, Tribal, and territorial governments as affordable and simple as possible; promote the adoption of a zero trust security model in improving cybersecurity readiness at the State, local, Tribal, and territorial government level; and provide technical assistance in integrating continuous diagnostics and mitigation technologies and products into State, local, Tribal, and territorial government systems. In selecting a State, local, or Tribal government for participation in the pilot program established under subsection (b), the Secretary shall consider— the extent to which the State, local, Tribal, or territorial government aligns its cybersecurity policies with the Center for Internet Security Critical Security Controls, the National Institute of Standards and Technology Cybersecurity Framework, or other widely accepted cybersecurity frameworks; and the capability of the State, local, Tribal, or territorial government to deploy and maintain over time continuous diagnostics and mitigation products and services. The pilot program established under this section— may not require participants to utilize certain strategies or tools, and shall allow participants to select and integrate tools for meeting the objectives of the pilot program; and shall include comprehensive training curriculum and integration assistance to close the technical expertise gap between employees of State, local, Tribal, and territorial governments and employees of the Cybersecurity and Infrastructure Security Agency. Not later than 180 days after the date on which the pilot program terminates under this section, the Secretary shall submit to Congress a report that includes— an assessment of the replicability and the costs and benefits of conducting a permanent State, local, Tribal, and territorial government continuous diagnostics and mitigation program as described in subsection
(g)of section 2213 of the Homeland Security Act of 2002 ( 6 U.S.C. 663 ), as added by section 2 of this Act; the extent to which State, local, Tribal, and territorial governments in the pilot program adhere to widely accepted cybersecurity standards and frameworks and the impact that those policies have on potential widespread sub-Federal continuous diagnostics and mitigation integration; and an assessment of the cybersecurity readiness of participants in the pilot program established under this section prior to participation in the pilot program as compared to after completion of the pilot program. The authority to conduct the pilot program under subsections
(a)through
(d)shall terminate on the date that is 3 years after the date of enactment of this Act.
Connectionstraces to 3
Citation graph
cites case law
Sec. 3
Federal intrusion detection and prevention system and continuous diagnostics and mitigation pilot program for State, local, Tribal, and territorial governments
U.S.C.§ 101
U.S.C.§ 5131
U.S.C.§ 663
Cites 3Cited by 0 across 0 sources
★   the supreme law of the land   ★
Don't Tread on Me
E Pluribus Unum — out of many, one

"If you don't know your rights, you don't have any."

Marginalia · a citizen's law index
A research desk, not legal advice. Always read the cited source before relying on a summary.
Questions or an issue? support@self-law.org
disclaimerMarginalia is a research index, not a law firm. Nothing on this site is legal, tax, or financial advice and no attorney–client relationship is formed by using it. Statutes, regulations, and case law change; summaries, search results, AI output, and member posts may be incomplete, out of date, or wrong. Any interpretation drawn from material on this site should be validated by a licensed attorney in your jurisdiction before you act on it.