[Congressional Bills 117th Congress]
[From the U.S. Government Publishing Office]
[H.R. 5960 Introduced in House (IH)]
<DOC>
117th CONGRESS
1st Session
H. R. 5960
To amend the Homeland Security Act of 2002 to provide for engagements
with State, local, Tribal, and territorial governments, and for other
purposes.
_______________________________________________________________________
IN THE HOUSE OF REPRESENTATIVES
November 12, 2021
Mr. Neguse introduced the following bill; which was referred to the
Committee on Homeland Security
_______________________________________________________________________
A BILL
To amend the Homeland Security Act of 2002 to provide for engagements
with State, local, Tribal, and territorial governments, and for other
purposes.
Be it enacted by the Senate and House of Representatives of the
United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the ``State and Local Government
Cybersecurity Act of 2021''.
SEC. 2. AMENDMENTS TO THE HOMELAND SECURITY ACT OF 2002.
Subtitle A of title XXII of the Homeland Security Act of 2002 (6
U.S.C. 651 et seq.) is amended--
(1) in section 2201 (6 U.S.C. 651), by adding at the end
the following:
``(7) SLTT entity.--The term `SLTT entity' means a domestic
government entity that is a State government, local government,
Tribal government, territorial government, or any subdivision
thereof.''; and
(2) in section 2209 (6 U.S.C. 659)--
(A) in subsection (c)(6), by inserting
``operational and'' before ``timely'';
(B) in subsection (d)(1)(E), by inserting ``,
including an entity that collaborates with election
officials,'' after ``governments''; and
(C) by adding at the end the following:
``(p) Coordination on Cybersecurity for SLTT Entities.--
``(1) Coordination.--The Center shall, upon request and to
the extent practicable, and in coordination as appropriate with
Federal and non-Federal entities, such as the Multi-State
Information Sharing and Analysis Center--
``(A) conduct exercises with SLTT entities;
``(B) provide operational and technical
cybersecurity training to SLTT entities to address
cybersecurity risks or incidents, with or without
reimbursement, related to--
``(i) cyber threat indicators;
``(ii) defensive measures;
``(iii) cybersecurity risks;
``(iv) vulnerabilities; and
``(v) incident response and management;
``(C) in order to increase situational awareness
and help prevent incidents, assist SLTT entities in
sharing, in real time, with the Federal Government, as
well as among SLTT entities, actionable--
``(i) cyber threat indicators;
``(ii) defensive measures;
``(iii) information about cybersecurity
risks or vulnerabilities; and
``(iv) information about incidents;
``(D) provide SLTT entities notifications
containing specific incident and malware information
that may affect them or their residents;
``(E) provide to, and periodically update, SLTT
entities via an easily accessible platform and other
means--
``(i) information about tools;
``(ii) information about products;
``(iii) resources;
``(iv) policies;
``(v) guidelines;
``(vi) controls; and
``(vii) other cybersecurity standards and
best practices and procedures related to
information security;
``(F) work with senior SLTT entity officials,
including chief information officers and senior
election officials and through national associations,
to coordinate the effective implementation by SLTT
entities of tools, products, resources, policies,
guidelines, controls, and standards and best practices
and procedures related to information security to
secure the information systems, including election
systems, of SLTT entities;
``(G) provide operational and technical assistance
to SLTT entities to implement tools, products,
resources, policies, guidelines, controls, and
standards and best practices and procedures on
information security;
``(H) assist SLTT entities in developing policies
and procedures for coordinating vulnerability
disclosures consistent with international and national
standards in the information technology industry; and
``(I) promote cybersecurity education and awareness
through engagements with Federal agencies and non-
Federal entities.
``(q) Report.--Not later than 1 year after the date of enactment of
this subsection, and every 2 years thereafter, the Secretary shall
submit to the Committee on Homeland Security and Governmental Affairs
of the Senate and the Committee on Homeland Security of the House of
Representatives a report on the services and capabilities that the
Agency directly and indirectly provides to SLTT entities.''.
<all>