Sec. 1744. NATIONAL CYBER EXERCISES
1,105 words·~5 min read·
/statute-compilations/comps-16736/sec-1744A research copy — for the controlling text, always check the official state or federal source. Not legal advice.
## SEC. 1744 NATIONAL CYBER EXERCISES **[**[6 U.S.C. 651 note](/us/usc/t6/s651)**]** ###
(a)Requirement Not later than December 31, 2023, the Secretary of Homeland Security, in coordination with the Director of National Intelligence, the Attorney General, and the Secretary of Defense, shall conduct an exercise, which may be a tabletop exercise, to test the resilience, response, and recovery of the United States to a significant cyber incident impacting critical infrastructure. The Secretary shall convene similar exercises not fewer than three times, in consultation with such officials, until 2033. ###
(b)Planning and Preparation The exercises required under subsection
(a)shall be prepared by— ####
(1)appropriate personnel from— #####
(A)the Department of Homeland Security; #####
(B)the Department of Defense; and #####
(C)the Department of Justice; and ####
(2)appropriate elements of the intelligence community, identified by the Director of National Intelligence. ###
(c)Submission to Congress For each fiscal year in which an exercise is planned, the Secretary, in coordination with the Director of National Intelligence, the Attorney General, and the Secretary of Defense, shall submit to the appropriate congressional committees a plan for the exercise not later than 180 days prior to the exercise. Each such plan shall include information regarding the goals of the exercise at issue, how the exercise is to be carried out, where and when the exercise will take place, how many individuals are expected to participate from each Federal agency specified in subsection (b), and the costs or other resources associated with the exercise. ###
(d)Participants ####
(1)Federal government participants Appropriate personnel from the following Federal agencies shall participate in each exercise required under subsection (a): #####
(A)The Department of Homeland Security. #####
(B)The Department of Defense, as identified by the Secretary of Defense. #####
(C)Elements of the intelligence community, as identified by the Director of National Intelligence. #####
(D)The Department of Justice, as identified by the Attorney General. #####
(E)Sector-specific agencies, as determined by the Secretary of Homeland Security. ####
(2)State and local governments The Secretary shall invite representatives from State, local, and Tribal governments to participate in each exercise required under subsection
(a)if the Secretary determines such is appropriate. ####
(3)Private entities Depending on the nature of an exercise being conducted under subsection (a), the Secretary, in consultation with the senior representative of the sector-specific agencies participating in such exercise in accordance with paragraph (1)(E), shall invite the following individuals to participate: #####
(A)Representatives from appropriate private entities. #####
(B)Other individuals whom the Secretary determines will best assist the United States in preparing for, and defending against, a significant cyber incident impacting critical infrastructure. ####
(4)International partners Depending on the nature of an exercise being conducted under subsection (a), the Secretary may, in coordination with the Secretary of State, invite allies and partners of the United States to participate in such exercise. ###
(e)Observers The Secretary may invite representatives from the executive and legislative branches of the Federal Government to observe an exercise required under subsection (a). ###
(f)Elements Each exercise required under subsection
(a)shall include the following elements: ####
(1)Exercising the orchestration of cybersecurity response and the provision of cyber support to Federal, State, local, and Tribal governments and private entities, including the exercise of the command, control, and deconfliction of— #####
(A)operational responses through interagency coordination processes and response groups; and #####
(B)each Federal agency participating in such exercise in accordance with subsection (d)(1). ####
(2)Testing of the information sharing needs and capabilities of exercise participants. ####
(3)Testing of the relevant policy, guidance, and doctrine, including the National Cyber Incident Response Plan of the Cybersecurity and Infrastructure Security Agency of the Department of Homeland Security. ####
(4)Testing of the integration and interoperability between the entities participating in the exercise in accordance with subsection (d). ####
(5)Exercising the integration and interoperability of the cybersecurity operation centers of the Federal Government, as appropriate, in coordination with appropriate cabinet level officials. ###
(g)Briefing ####
(1)In general Not later than 180 days after the date on which each exercise required under subsection
(a)is conducted, the Secretary shall provide to the appropriate congressional committees a briefing on the exercise. ####
(2)Contents Each briefing required under paragraph
(1)shall include— #####
(A)an assessment of the decision and response gaps observed in the exercise at issue; #####
(B)proposed recommendations to improve the resilience, response, and recovery of the United States to a significant cyber attack against critical infrastructure; and #####
(C)appropriate plans to address the recommendations proposed under subparagraph (B). ###
(h)Repeal Subsection
(b)of section 1648 of the National Defense Authorization Act for Fiscal Year 2016 (Public Law 114-92; 129 Stat. 1119) is repealed. ###
(i)Definitions In this section: ####
(1)Appropriate congressional committees The term “appropriate congressional committees” means— #####
(A)the Committee on Armed Services of the Senate; #####
(B)the Committee on Armed Services of the House of Representatives; #####
(C)the Committee on Homeland Security and Governmental Affairs of the Senate; #####
(D)the Committee on Homeland Security of the House of Representatives; #####
(E)the Select Committee on Intelligence of the Senate; #####
(F)the Permanent Select Committee on Intelligence of the House of Representatives; #####
(G)the Committee on the Judiciary of the Senate; #####
(H)the Committee on the Judiciary of the House of Representatives; #####
(I)the Committee on Commerce, Science, and Transportation of the Senate; #####
(J)the Committee on Science, Space, and Technology of the House of Representatives; #####
(K)the Committee on Foreign Relations of the Senate; and #####
(L)the Committee on Foreign Affairs of the House of Representatives. ####
(2)Element of the intelligence community The term “element of the intelligence community” means an element specified or designated under section 3 of the National Security Act of 1947 (50 U.S.C. 3003). ####
(3)Private entity The term “private entity” has the meaning given the term in section 102 of the Cybersecurity Information Sharing Act of 2015 (6 U.S.C. 1501). ####
(4)Secretary The term “Secretary” means the Secretary of Homeland Security. ####
(5)Sector-specific agency The term “sector-specific agency” has the meaning given the term “Sector-Specific Agency” in section 2201 of the Homeland Security Act of 2002 (6 U.S.C. 651). ####
(6)State The term “State” means any State of the United States, the District of Columbia, the Commonwealth of Puerto Rico, the Northern Mariana Islands, the United States Virgin Islands, Guam, American Samoa, and any other territory or possession of the United States.
Connectionstraces to 4
Traces to 4 documents
1 reference not yet in our index
- 129 Stat. 1119
Citation graph
cites case law
Sec. 1744
NATIONAL CYBER EXERCISES
Stat.129 Stat. 1119
Cites 5Cited by 0 across 0 sources