Sec. 2876. Incorporation of cyber supply chain risk management tools and methods in the energy performance master plan
413 words·~2 min read·
/bill/118/hr/2670/eh/section-2876·A research copy — for the controlling text, always check the official state or federal source. Not legal advice.
Section 2911 of title 10, United States Code, is amended— in subsection (e), by adding at the end the following new paragraph: The use of cyber supply chain risk management tools and methods for continuous analysis, monitoring, and mitigation of cyber risk. ; and by adding at the end the following new subsection: In incorporating cyber supply chain risk management tools and methods in the energy performance master plan under subsection (d), the Secretary concerned shall— prioritize the adoption of such tools and methods that are commercially available; use existing databases on cyber vulnerabilities when selecting such tools and methods for use in energy projects; and ensure that such tools and methods provide continuous analysis, monitoring, and mitigation of cyber risk in energy projects.
In incorporating cyber supply chain risk management tools and methods under paragraph (1), the Secretary concerned shall incorporate all funding available to such Secretary for such measures, including funds appropriated under section 2914 of this title (commonly referred to as the Energy Resilience and Conservation Investment Program ). . Not later than 12 months after the date of the enactment of this Act, the Secretary of Defense shall submit to the congressional defense committees a report analyzing the implementation of (a).
Such report shall include the following: Progress in implementing cyber supply chain risk management tools and methods. An analysis of the implementation of Executive Order No. 14017 titled America’s Supply Chians (86 Fed. Reg. 11849) and Executive Order No. 14028 titled Improving the Nation's Cybersecurity (86 Fed. Reg. 26633) in projects that receive or will receive funds under section 2914 of title 10, United States Code, (commonly referred to as the Energy Resilience and Conservation Investment Program ).
A description of the execution of cybersecurity recommendations in the February 2022 report of the Department of Defense titled Securing Defense-Critical Supply Chains ; Progress in using commercially available cyber supply chain risk management tools and methods to provide continuous analysis, monitoring, and mitigation of cyber risk in energy projects. An analysis of the effect of such tools and methods on energy resilience and energy security on military installations receiving funding under the Energy Resilience and Conservation Investment Program.
Recommendations and best practices for implementing such tools and methods on military installations. Recommendations on implementation of such tools and methods in all energy and infrastructure programs on military installations that use Facility Related Control Systems Cybersecurity, accounting for the effect of such tools on readiness, energy security, and energy resiliency.
Connectionstraces to 1
Traces to 1 document
register
2 references not yet in our index
- 86 FR 11849
- 86 FR 26633
Citation graph
cites case law
Sec. 2876
Incorporation of cyber supply chain risk management tools and methods in the energy performance master plan
Fed. Reg.86 FR 11849
Fed. Reg.86 FR 26633
Cites 3Cited by 0 across 0 sources