Tap any paragraph to write a margin note. Your notes collect in the Desk below the text and file under cases with @. The side-by-side margin rail opens on a larger screen.

§
Marginalia
Code · PUBLIC-PRIVATE-LAW · 117th Congress · Public Law 117-150

Public Law 117-150. State and Local Government Cybersecurity Act of 2021

766 words·~3 min read·/plaw/117/public/150

A research copy — for the controlling text, always check the official state or federal source. Not legal advice.

An Act To amend the Homeland Security Act of 2002 to provide for engagements with State, local, Tribal, and territorial governments, and for other purposes.June 21, 2022[[S. 2520](/us/bill/117/s/2520)] * Be it enacted by the Senate and House of Representa­tives of the United States of America in Congress assembled,* State and Local GovernmentCybersecurity Act of 2021. ## SECTION 1 SHORT TITLE [6 USC 101 note](/us/usc/t6/s101). This Act may be cited as the “State and Local Government Cybersecurity Act of 2021”. ## SEC. 2 AMENDMENTS TO THE HOMELAND SECURITY ACT OF 2002 Subtitle A of title XXII of the Homeland Security Act of 2002 ([6 U.S.C. 651 et seq.](/us/usc/t6/s651/etseq)) is amended— ####
(1)in section 2201 ( 6 U.S.C. 651 ), by adding at the end the following: > > #### “(7) SLTT entity > > The term ‘**SLTT entity**’ means a domestic government entity that is a State government, local government, Tribal government, territorial government, or any subdivision thereof.” > ; and ####
(2)in section 2209 ([6 U.S.C. 659](/us/usc/t6/s659))— #####
(A)in subsection (c)(6), by inserting “operational and” before “timely”; #####
(B)in subsection (d)(1)(E), by inserting “, including an entity that collaborates with election officials,” after “governments”; and #####
(C)by adding at the end the following: > > ### “(p) Coordination on Cybersecurity for SLTT Entities > > > #### “(1) Coordination > > The Center shall, upon request and to the extent practicable, and in coordination as appropriate with Federal and non-Federal entities, such as the Multi-State Information Sharing and Analysis Center— > > > ##### “(A) > > conduct exercises with SLTT entities; > > > ##### “(B) > > provide operational and technical cybersecurity training to SLTT entities to address cybersecurity risks or incidents, with or without reimbursement, related to— > > > ###### “(i) > > cyber threat indicators; > > > ###### “(ii) > > defensive measures; > > > ###### “(iii) > > cybersecurity risks; > > > ###### “(iv) > > vulnerabilities; and > > > ###### “(v) > > incident response and management; > > > ##### “(C) > > in order to increase situational awareness and help prevent incidents, assist SLTT entities in sharing, in real time, with the Federal Government as well as among SLTT entities, actionable— > > 136 STAT. 1296 > > > ###### “(i) > > cyber threat indicators; > > > ###### “(ii) > > defensive measures; > > > ###### “(iii) > > information about cybersecurity risks; and > > > ###### “(iv) > > information about incidents; > > > ##### “(D) > > provide SLTT entities notifications containing specific incident and malware information that may affect them or their residents; > > > ##### “(E) > > provide to, and periodically update, SLTT entities via an easily accessible platform and other means— > > > ###### “(i) > > information about tools; > > > ###### “(ii) > > information about products; > > > ###### “(iii) > > resources; > > > ###### “(iv) > > policies; > > > ###### “(v) > > guidelines; > > > ###### “(vi) > > controls; and > > > ###### “(vii) > > other cybersecurity standards and best practices and procedures related to information security, including, as appropriate, information produced by other Federal agencies; > > > ##### “(F) > > work with senior SLTT entity officials, including chief information officers and senior election officials and through national associations, to coordinate the effective implementation by SLTT entities of tools, products, resources, policies, guidelines, controls, and procedures related to information security to secure the information systems, including election systems, of SLTT entities; > > > ##### “(G) > > provide operational and technical assistance to SLTT entities to implement tools, products, resources, policies, guidelines, controls, and procedures on information security; > > > ##### “(H) > > assist SLTT entities in developing policies and procedures for coordinating vulnerability disclosures consistent with international and national standards in the information technology industry; and > > > ##### “(I) > > promote cybersecurity education and awareness through engagements with Federal agencies and non-Federal entities. > > > ### “(q) Report > > Not later than 1 year after the date of enactment of this subsection, and every 2 years thereafter, the Secretary shall submit to the Committee on Homeland Security and Governmental Affairs of the Senate and the Committee on Homeland136 STAT. 1297 Security of the House of Representatives a report on the services and capabilities that the Agency directly and indirectly provides to SLTT entities.” > . Approved June 21, 2022.
Connections11 cite this · traces to 3
Citation graph
cites case law
Public Law 117-150
State and Local Government Cybersecurity Act of 2021
U.S.C.×8
Stat.×3
U.S.C.§ 101
U.S.C.§ 651
U.S.C.§ 659
Cites 3Cited by 11 across 2 sources
★   the supreme law of the land   ★
Don't Tread on Me
E Pluribus Unum — out of many, one

"If you don't know your rights, you don't have any."

Marginalia · a citizen's law index
A research desk, not legal advice. Always read the cited source before relying on a summary.
Questions or an issue? support@self-law.org
disclaimerMarginalia is a research index, not a law firm. Nothing on this site is legal, tax, or financial advice and no attorney–client relationship is formed by using it. Statutes, regulations, and case law change; summaries, search results, AI output, and member posts may be incomplete, out of date, or wrong. Any interpretation drawn from material on this site should be validated by a licensed attorney in your jurisdiction before you act on it.