§ 663. Federal intrusion detection and prevention system
2,866 words·~13 min read·
/usc/title-6/section-663A research copy — for the controlling text, always check the official state or federal source. Not legal advice.
(a)Definitions In this section—
(1)the term “agency” has the meaning given the term in section 3502 of title 44;
(2)the term “agency information” means information collected or maintained by or on behalf of an agency; 1
(3)the term “agency information system” has the meaning given the term in section 660 of this title; and 2
(b)Requirement
(1)In general Not later than 1 year after December 18, 2015, the Secretary shall deploy, operate, and maintain, to make available for use by any agency, with or without reimbursement—
(A)a capability to detect cybersecurity risks in network traffic transiting or traveling to or from an agency information system; and
(B)a capability to prevent network traffic associated with such cybersecurity risks from transiting or traveling to or from an agency information system or modify such network traffic to remove the cybersecurity risk.
(2)Regular improvement The Secretary shall regularly deploy new technologies and modify existing technologies to the intrusion detection and prevention capabilities described in paragraph
(1)as appropriate to improve the intrusion detection and prevention capabilities.
(c)Activities In carrying out subsection (b), the Secretary—
(1)may access, and the head of an agency may disclose to the Secretary or a private entity providing assistance to the Secretary under paragraph (2), information transiting or traveling to or from an agency information system, regardless of the location from which the Secretary or a private entity providing assistance to the Secretary under paragraph
(2)accesses such information, notwithstanding any other provision of law that would otherwise restrict or prevent the head of an agency from disclosing such information to the Secretary or a private entity providing assistance to the Secretary under paragraph (2);
(2)may enter into contracts or other agreements with, or otherwise request and obtain the assistance of, private entities to deploy, operate, and maintain technologies in accordance with subsection (b);
(3)may retain, use, and disclose information obtained through the conduct of activities authorized under this section only to protect information and information systems from cybersecurity risks;
(4)shall regularly assess through operational test and evaluation in real world or simulated environments available advanced protective technologies to improve detection and prevention capabilities, including commercial and noncommercial technologies and detection technologies beyond signature-based detection, and acquire, test, and deploy such technologies when appropriate;
(5)shall establish a pilot through which the Secretary may acquire, test, and deploy, as rapidly as possible, technologies described in paragraph (4); and
(6)shall periodically update the privacy impact assessment required under section 208(b) of the E-Government Act of 2002 (44 U.S.C. 3501 note).
(d)Principles In carrying out subsection (b), the Secretary shall ensure that—
(1)activities carried out under this section are reasonably necessary for the purpose of protecting agency information and agency information systems from a cybersecurity risk;
(2)information accessed by the Secretary will be retained no longer than reasonably necessary for the purpose of protecting agency information and agency information systems from a cybersecurity risk;
(3)notice has been provided to users of an agency information system concerning access to communications of users of the agency information system for the purpose of protecting agency information and the agency information system; and
(4)the activities are implemented pursuant to policies and procedures governing the operation of the intrusion detection and prevention capabilities.
(e)Private entities
(1)Conditions A private entity described in subsection (c)(2) may not—
(A)disclose any network traffic transiting or traveling to or from an agency information system to any entity other than the Department or the agency that disclosed the information under subsection (c)(1), including personal information of a specific individual or information that identifies a specific individual not directly related to a cybersecurity risk; or
(B)use any network traffic transiting or traveling to or from an agency information system to which the private entity gains access in accordance with this section for any purpose other than to protect agency information and agency information systems against cybersecurity risks or to administer a contract or other agreement entered into pursuant to subsection (c)(2) or as part of another contract with the Secretary.
(2)Limitation on liability No cause of action shall lie in any court against a private entity for assistance provided to the Secretary in accordance with this section and any contract or agreement entered into pursuant to subsection (c)(2).
(3)Rule of construction Nothing in paragraph
(2)shall be construed to authorize an Internet service provider to break a user agreement with a customer without the consent of the customer.
(f)Privacy Officer review Not later than 1 year after December 18, 2015, the Privacy Officer appointed under section 142 of this title, in consultation with the Attorney General, shall review the policies and guidelines for the program carried out under this section to ensure that the policies and guidelines are consistent with applicable privacy laws, including those governing the acquisition, interception, retention, use, and disclosure of communications.
(Pub. L. 107–296, title XXII, § 2213, formerly title II, § 230, as added Pub. L. 114–113, div. N, title II, § 223(a)(6), Dec. 18, 2015, 129 Stat. 2964; renumbered title XXII, § 2213, and amended Pub. L. 115–278, § 2(g)(2)(I), (9)(A)(vii), Nov. 16, 2018, 132 Stat. 4178, 4181; Pub. L. 117–263, div. G, title LXXI, § 7143(b)(2)(H), Dec. 23, 2022, 136 Stat. 3660.)
Connections47 cite this · traces to 16
Cited by 47 sections · top 28
public-private-law
U.S. Code
statutes-at-large
- Public Law 115–390To require the Secretary of Homeland Security to establish a security vulnerability disclosure policy, to establish a bug bounty program for the Department of Homeland Security, to amend title 41, United States Code, to provide for Federal acquisition supply chain security, and for other purposes
- Public Law 117–263To authorize appropriations for fiscal year 2023 for military activities of the Department of Defense, for military construction, and for defense activities of the Department of Energy, to prescribe military personnel strengths for such fiscal year, and for other purposes
- Public Law 117–81To authorize appropriations for fiscal year 2022 for military activities of the Department of Defense, for military construction, and for defense activities of the Department of Energy, to prescribe military personnel strengths for such fiscal year, and for other purposes
statute-compilations
- Sec. 2213FEDERAL INTRUSION DETECTION AND PREVENTION SYSTEM
- Sec. 101DEPARTMENT OF HOMELAND SECURITY DISCLOSURE OF SECURITY VULNERABILITIES
- Sec. 102DEPARTMENT OF HOMELAND SECURITY BUG BOUNTY PILOT PROGRAM
- Sec. 1544COMPETITION RELATING TO CYBERSECURITY VULNERABILITIES
- Sec. 7143CISA TECHNICAL CORRECTIONS AND IMPROVEMENTS
bill
- Sec. 2Establishment of continuous diagnostics and mitigation program in the Cybersecurity and Infrastructure Security Agency
- Sec. 2Establishment of continuous diagnostics and mitigation program in the Cybersecurity and Infrastructure Security Agency
- Sec. 6Coordinated disclosure of security vulnerabilities relating to covered devices
- Sec. 303Establishment of continuous diagnostics and mitigation program in the Cybersecurity and Infrastructure Security Agency
- Sec. 7143CISA technical corrections and improvements
- Sec. 7143CISA technical corrections and improvements
- Sec. 2Establishment of Federal intrusion detection and prevention system and continuous diagnostics and mitigation program in the Cybersecurity and Infrastructure Security Agency
- Sec. 3Federal intrusion detection and prevention system and continuous diagnostics and mitigation pilot program for State, local, Tribal, and territorial governments
- Sec. 4conforming amendments
- Sec. 4conforming amendments
- Sec. 4conforming amendments
- Sec. 5conforming amendments
Traces to 16 documents
U.S. Code
- Definitions§ 3502
- Cybersecurity plans§ 660
- Purposes§ 3501
- Privacy officer§ 142
- National cybersecurity and communications integration center§ 659
- Definitions§ 650
- Fraud and related activity in connection with computers§ 1030
- Definitions§ 1001
- Definitions§ 1501
- Federal intrusion detection and prevention system§ 663
- Definitions§ 1521
public-private-law
- Consolidated Appropriations Act, 2016Public Law 114-113
- Cybersecurity and Infrastructure Security Agency Act of 2018Public Law 115-278
- James M. Inhofe National Defense Authorization Act for Fiscal Year 2023Public Law 117-263
- National Defense Authorization Act for Fiscal Year 2022Public Law 117-81
- Strengthening and Enhancing Cyber-capabilities by Utilizing Risk Exposure Technology ActPublic Law 115-390
15 references not yet in our index
- 1
- 2
- Pub. L. 107–296, title XXII, § 2213
- 129 Stat. 2964
- 132 Stat. 4178
- 136 Stat. 3660
- section 208(b) of title II of Pub. L. 107–347
- section 151 of this title
- section 149 of this title
- section 148 of this title
- 135 Stat. 2057
- 132 Stat. 5173
- 132 Stat. 5175
- 129 Stat. 2966
- 132 Stat. 4182
Citation graph
cites case law
§ 663
Federal intrusion detection and prevention system
Bills×23
U.S.C.×11
Stat. Comp.×5
Pub. L.×4
Stat.×4
Cite1
Cite2
Pub. L.Pub. L. 107–296, title XXII, § 2213
Cites 31 · showing 12Cited by 47 across 5 sources