Res Communis Blog RSS

S. 2519: National Cybersecurity and Communications Integration Center Act of 2014

at 08:50 | Cyber Law | Comments Off on S. 2519: National Cybersecurity and Communications Integration Center Act of 2014

by

S. 2519: National Cybersecurity and Communications Integration Center Act of 2014 was introduced on June 25, 2014 by Sen. Thomas Carper:

S.2519 — National Cybersecurity and Communications Integration Center Act of 2014 (Introduced in Senate – IS)

S 2519 IS

113th CONGRESS
2d Session

S. 2519
To codify an existing operations center for cybersecurity.

IN THE SENATE OF THE UNITED STATES
June 24, 2014

Mr. CARPER (for himself and Mr. COBURN) introduced the following bill; which was read twice and referred to the Committee on Homeland Security and Governmental Affairs

A BILL
To codify an existing operations center for cybersecurity.

Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,
SECTION 1. SHORT TITLE.

This Act may be cited as the `National Cybersecurity and Communications Integration Center Act of 2014′.
SEC. 2. NATIONAL CYBERSECURITY AND COMMUNICATIONS INTEGRATION CENTER.

(a) In General- Subtitle A of title II of the Homeland Security Act of 2002 (6 U.S.C. 121 et seq.) is amended by adding at the end the following:
`SEC. 210G. OPERATIONS CENTER.

`(a) Functions- There is in the Department an operations center, which may carry out the responsibilities of the Under Secretary appointed under section 103(a)(1)(H) with respect to security and resilience, including by–
`(1) serving as a Federal civilian information sharing interface for cybersecurity;
`(2) providing shared situational awareness to enable real-time, integrated, and operational actions across the Federal Government;
`(3) sharing cybersecurity threat, vulnerability, impact, and incident information and analysis by and among Federal, State, and local government entities and private sector entities;
`(4) coordinating cybersecurity information sharing throughout the Federal Government;
`(5) conducting analysis of cybersecurity risks and incidents;
`(6) upon request, providing timely technical assistance to Federal and non-Federal entities with respect to cybersecurity threats and attribution, vulnerability mitigation, and incident response and remediation; and
`(7) providing recommendations on security and resilience measures to Federal and non-Federal entities.
`(b) Composition- The operations center shall be composed of–
`(1) personnel or other representatives of Federal agencies, including civilian and law enforcement agencies and elements of the intelligence community, as such term is defined under section 3(4) of the National Security Act of 1947 (50 U.S.C. 3003(4)); and
`(2) representatives from State and local governments and other non-Federal entities, including–
`(A) representatives from information sharing and analysis organizations; and
`(B) private sector owners and operators of critical information systems.
`(c) Annual Report- Not later than 1 year after the date of enactment of the National Cybersecurity and Communications Integration Center Act of 2014, and every year thereafter for 3 years, the Secretary shall submit to the Committee on Homeland Security and Governmental Affairs of the Senate and the Committee on Homeland Security of the House of Representatives a report on the operations center, which shall include–
`(1) an analysis of the performance of the operations center in carrying out the functions under subsection (a);
`(2) information on the composition of the center, including–
`(A) the number of representatives from non-Federal entities that are participating in the operations center, including the number of representatives from States, nonprofit organizations, and private sector entities, respectively; and
`(B) the number of requests from non-Federal entities to participate in the operations center and the response to such requests, including–
`(i) the average length of time to fulfill such identified requests by the Federal agency responsible for fulfilling such requests; and
`(ii) a description of any obstacles or challenges to fulfilling such requests; and
`(3) the policies and procedures established by the operations center to safeguard privacy and civil liberties.
`(d) GAO Report- Not later than 1 year after the date of enactment of the National Cybersecurity and Communications Integration Center Act of 2014, the Comptroller General of the United States shall submit to the Committee on Homeland Security and Governmental Affairs of the Senate and the Committee on Homeland Security of the House of Representatives a report on the effectiveness of the operations center.
`(e) No Right or Benefit- The provision of assistance or information to, and inclusion in the operations center of, governmental or private entities under this section shall be at the discretion of the Under Secretary appointed under section 103(a)(1)(H). The provision of certain assistance or information to, or inclusion in the operations center of, one governmental or private entity pursuant to this section shall not create a right or benefit, substantive or procedural, to similar assistance or information for any other governmental or private entity.’.
(b) Technical and Conforming Amendment- The table of contents in section 1(b) of the Homeland Security Act of 2002 (6 U.S.C. 101 note) is amended by inserting after the item relating to section 210F the following:
`Sec. 210G. Operations center.’.