Tap any paragraph to write a margin note. Your notes collect in the Desk below the text and file under cases with @. The side-by-side margin rail opens on a larger screen.

§
Marginalia
Code · STATUTE-COMPILATIONS · National Defense Authorization Act for Fiscal Year 2022 · Sec. 1547

Sec. 1547. NATIONAL CYBER EXERCISE PROGRAM

1,056 words·~5 min read·/statute-compilations/comps-16861/sec-1547·

A research copy — for the controlling text, always check the official state or federal source. Not legal advice.

## SEC. 1547 NATIONAL CYBER EXERCISE PROGRAM **[**[6 U.S.C. 665h](/us/usc/t6/s665h)**]** ###
(a)In General Subtitle A of title XXII of the Homeland Security Act of 2002 (6 U.S.C. 651 et seq.) is amended by adding at the end the following new section: > > ## “SEC. 2220B NATIONAL CYBER EXERCISE PROGRAM > > > ### “(a) Establishment of Program > > > #### “(1) In general > > There is established in the Agency the National Cyber Exercise Program (referred to in this section as the ‘Exercise Program’) to evaluate the National Cyber Incident Response Plan, and other related plans and strategies. > > > #### “(2) Requirements > > > ##### “(A) In general > > The Exercise Program shall be— > > > ###### “(i) > > based on current risk assessments, including credible threats, vulnerabilities, and consequences; > > > ###### “(ii) > > designed, to the extent practicable, to simulate the partial or complete incapacitation of a government or critical infrastructure network resulting from a cyber incident; > > > ###### “(iii) > > designed to provide for the systematic evaluation of cyber readiness and enhance operational understanding of the cyber incident response system and relevant information sharing agreements; and > > > ###### “(iv) > > designed to promptly develop after-action reports and plans that can quickly incorporate lessons learned into future operations. > > > ##### “(B) Model exercise selection > > The Exercise Program shall— > > > ###### “(i) > > include a selection of model exercises that government and private entities can readily adapt for use; and > > > ###### “(ii) > > aid such governments and private entities with the design, implementation, and evaluation of exercises that— > > > ###### “(I) > > conform to the requirements described in subparagraph (A); > > > ###### “(II) > > are consistent with any applicable national, State, local, or Tribal strategy or plan; and > > > ###### “(III) > > provide for systematic evaluation of readiness. > > > #### “(3) Consultation > > In carrying out the Exercise Program, the Director may consult with appropriate representatives from Sector Risk Management Agencies, the Office of the National Cyber Director, cybersecurity research stakeholders, and Sector Coordinating Councils. > > > ### “(b) Definitions > > In this section: > > > #### “(1) State > > The term ‘State’ means any State of the United States, the District of Columbia, the Commonwealth of Puerto Rico, the Northern Mariana Islands, the United States Virgin Islands, Guam, American Samoa, and any other territory or possession of the United States. > > > #### “(2) Private entity > > The term ‘private entity’ has the meaning given such term in section 102 of the Cybersecurity Information Sharing Act of 2015 (6 U.S.C. 1501). > > > ### “(c) Rule of Construction > > Nothing in this section shall be construed to affect the authorities or responsibilities of the Administrator of the Federal Emergency Management Agency pursuant to section 648 of the Post-Katrina Emergency Management Reform Act of 2006 (6 U.S.C. 748).” > . ###
(b)Title XXII Technical and Clerical Amendments ####
(1)Technical amendments #####
(A)Homeland security act of 2002 Subtitle A of title XXII of the Homeland Security Act of 2002 (6 U.S.C. 651 et seq.) is amended— ######
(i)in section 2202(c) (6 U.S.C. 652(c))— ######
(I)in paragraph (11), by striking “and” after the semicolon; ######
(II)in the first paragraph
(12)(relating to appointment of a Cybersecurity State Coordinator) by striking “as described in section 2215; and” and inserting “as described in section 2217;”; ######
(III)by redesignating the second paragraph
(12)(relating to the .gov internet domain) as paragraph (13); and ######
(IV)by redesignating the third paragraph
(12)(relating to carrying out such other duties and responsibilities) as paragraph (14); ######
(ii)in the first section 2215 (6 U.S.C. 665; relating to the duties and authorities relating to .gov internet domain), by amending the section enumerator and heading to read as follows: > > ## “SEC. 2215 DUTIES AND AUTHORITIES RELATING TO .GOV INTERNET DOMAIN” > ; ######
(iii)in the second section 2215 (6 U.S.C. 665b; relating to the joint cyber planning office), by amending the section enumerator and heading to read as follows: > > ## “SEC. 2216 JOINT CYBER PLANNING OFFICE” > ; ######
(iv)in the third section 2215 (6 U.S.C. 665c; relating to the Cybersecurity State Coordinator), by amending the section enumerator and heading to read as follows: > > ## “SEC. 2217 CYBERSECURITY STATE COORDINATOR” > ; ######
(v)in the fourth section 2215 (6 U.S.C. 665d; relating to Sector Risk Management Agencies), by amending the section enumerator and heading to read as follows: > > ## “SEC. 2218 SECTOR RISK MANAGEMENT AGENCIES” > ; ######
(vi)in section 2216 (6 U.S.C. 665e; relating to the Cybersecurity Advisory Committee), by amending the section enumerator and heading to read as follows: > > ## “SEC. 2219 CYBERSECURITY ADVISORY COMMITTEE” > ; ######
(vii)in section 2217 (6 U.S.C. 665f; relating to Cybersecurity Education and Training Programs), by amending the section enumerator and heading to read as follows: > > ## “SEC. 2220 CYBERSECURITY EDUCATION AND TRAINING PROGRAMS” > ; and ######
(viii)in section 2218 (6 U.S.C. 665g; relating to the State and Local Cybersecurity Grant Program), by amending the section enumerator and heading to read as follows: > > ## “SEC. 2220A STATE AND LOCAL CYBERSECURITY GRANT PROGRAM” > . #####
(B)Consolidated appropriations act, 2021 Paragraph
(1)of section 904(b) of division U of the Consolidated Appropriations Act, 2021 (Public Law 116-260) is amended, in the matter preceding subparagraph (A), by inserting “of 2002” after “Homeland Security Act”. ####
(2)Clerical amendment The table of contents in section 1(b) of the Homeland Security Act of 2002 is further amended by striking the items relating to sections 2214 through 2218 and inserting the following new items:" “Sec. 2214. National Asset Database. “Sec. 2215. Duties and authorities relating to .gov internet domain. “Sec. 2216. Joint cyber planning office. “Sec. 2217. Cybersecurity State Coordinator. “Sec. 2218. Sector Risk Management Agencies. “Sec. 2219. Cybersecurity Advisory Committee. “Sec. 2220. Cybersecurity Education and Training Programs. “Sec. 2220A. State and Local Cybersecurity Grant Program. “Sec. 2220B. National cyber exercise program.” ".
Connectionstraces to 13
Citation graph
cites case law
Sec. 1547
NATIONAL CYBER EXERCISE PROGRAM
U.S.C.§ 665h
U.S.C.§ 651
U.S.C.§ 1501
U.S.C.§ 748
U.S.C.§ 652
U.S.C.§ 665
U.S.C.§ 665b
U.S.C.§ 665c
U.S.C.§ 665d
Cites 13 · showing 9Cited by 0 across 0 sources
★   the supreme law of the land   ★
Don't Tread on Me
E Pluribus Unum — out of many, one

"If you don't know your rights, you don't have any."

Marginalia · a citizen's law index
A research desk, not legal advice. Always read the cited source before relying on a summary.
Questions or an issue? support@self-law.org
disclaimerMarginalia is a research index, not a law firm. Nothing on this site is legal, tax, or financial advice and no attorney–client relationship is formed by using it. Statutes, regulations, and case law change; summaries, search results, AI output, and member posts may be incomplete, out of date, or wrong. Any interpretation drawn from material on this site should be validated by a licensed attorney in your jurisdiction before you act on it.