[Congressional Bills 119th Congress]
[From the U.S. Government Publishing Office]
[S. 1902 Introduced in Senate (IS)]
<DOC>
119th CONGRESS
1st Session
S. 1902
To require the Secretary of Energy to establish an energy threat
analysis program, and for other purposes.
_______________________________________________________________________
IN THE SENATE OF THE UNITED STATES
May 22, 2025
Mr. Risch (for himself and Mr. Hickenlooper) introduced the following
bill; which was read twice and referred to the Committee on Energy and
Natural Resources
_______________________________________________________________________
A BILL
To require the Secretary of Energy to establish an energy threat
analysis program, and for other purposes.
Be it enacted by the Senate and House of Representatives of the
United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the ``Energy Threat Analysis Program Act
of 2025'' or the ``ETAP Act of 2025''.
SEC. 2. DEFINITIONS.
In this Act:
(1) Department.--The term ``Department'' means the
Department of Energy.
(2) Program.--The term ``Program'' means the energy threat
analysis program established under section 3.
(3) Secretary.--The term ``Secretary'' means the Secretary
of Energy.
SEC. 3. ENERGY THREAT ANALYSIS PROGRAM.
(a) In General.--As part of the program developed under section
40125(c) of the Infrastructure Investment and Jobs Act (42 U.S.C.
18724(c)), the Secretary shall establish an energy threat analysis
program--
(1) under which the Office of Cybersecurity, Energy
Security, and Emergency Response, in consultation with the
Office of Intelligence and Counterintelligence, may establish,
for activities of the program to advance public-private
operational collaboration--
(A) an Energy Threat Analysis Center as a physical
location; and
(B) any other additional facilities, as necessary;
(2) to enhance situational awareness of threats to the
security of the energy sector;
(3) to analyze threats against the security of the energy
sector;
(4) to identify relevant security threat mitigation
measures for energy systems;
(5) to support relevant response and restoration activities
for the energy sector under existing constructs;
(6) to inform research and development activities in
support of the security of critical energy systems,
technologies, and components;
(7) to conduct other security and resilience efforts
identified by the Secretary;
(8) to enhance and periodically test the emergency response
capabilities of the Department;
(9) to expand cooperation of the Department with the
intelligence community for energy sector-related threat
collection and analysis;
(10) to enhance the tools of the Department and the
Electricity Information Sharing and Analysis Center for
monitoring the status of the energy sector; and
(11) to expand industry participation in the Electricity
Information Sharing and Analysis Center.
(b) Administration.--The Program shall be--
(1) directed by the Secretary;
(2) managed by the Office of Cybersecurity, Energy
Security, and Emergency Response; and
(3) supported by the Office of Intelligence and
Counterintelligence.
(c) Functions.--The functions of the Program shall include--
(1) supporting public-private operational collaboration for
the government and industry--
(A) to develop actionable operational information
relating to threats to the security of the energy
sector; and
(B) to develop and offer meaningful threat
mitigation advice and actions to enhance--
(i) the defense of, and response to
security threats to, the energy sector; and
(ii) the resilience of the United States
energy sector;
(2) enabling collaboration in the production and exchange
of information on threat activity among government and industry
to address energy security and resilience and shared energy
sector security threats relating to national security, public
health, safety, and the economy;
(3) improving detailed understanding of national security
risks associated with the energy sector that are or could be
exploited by adversaries, including nation-states;
(4) achieving a deeper understanding of the tactics,
capabilities, and activities of threat actors that have the
potential to impact systemic risks to the energy sector; and
(5) facilitating increased collaboration between government
and industry, including the sharing of information regarding
actual acute threat activity, including incidents, in a secure
setting, physical and virtual, to facilitate the energy
security and resilience of the United States.
(d) Coordination and Integration.--In carrying out the
responsibilities of the Program, the Program shall--
(1) align priorities of and enable support from--
(A) the Department of Homeland Security, including
the Cybersecurity and Infrastructure Security Agency;
(B) the Department of Defense, including United
States Cyber Command, the National Security Agency, and
the Army Interagency Training and Education Center of
the National Guard Bureau;
(C) the Department of Justice, including the
Federal Bureau of Investigation;
(D) the Office of the Director of National
Intelligence; and
(E) other Federal agencies and departments, as
determined by the Secretary;
(2) ensure that the processes used by the Program are
performed in collaboration with the activities of the
Department of Homeland Security and the Department of Defense
relating to cybersecurity, including--
(A) the Joint Cyber Defense Collaborative of the
Cybersecurity and Infrastructure Security Agency; and
(B) the Cybersecurity Collaboration Center and
Enduring Security Framework of the National Security
Agency;
(3) regularly consult with appropriate representatives of
non-Federal entities, such as--
(A) State, local, federally recognized Tribal, and
territorial governments;
(B) information sharing and analysis organizations,
including information sharing and analysis centers such
as the Electricity Information Sharing and Analysis
Center; and
(C) other appropriate representatives or entities,
including private entities, such as manufacturers and
vendors, that contribute to the energy sector, as
determined by the Secretary;
(4) leverage the existing capabilities and services of
advanced technology providers, including--
(A) National Laboratories with relevant
capabilities;
(B) commercial threat intelligence production and
cyber incident response entities; and
(C) energy infrastructure vendors and integrators;
and
(5) as appropriate, protect information submitted to and
shared by the Program consistent with applicable laws,
regulations, policies, and procedures.
(e) No Right or Benefit.--
(1) In general.--The provision of assistance or information
to governmental or private entities under this section shall be
at the sole and unreviewable discretion of the Secretary.
(2) Certain assistance or information.--The provision of
certain assistance or information to a governmental or private
entity pursuant to this section shall not create a right or
benefit, substantive or procedural, for any other governmental
or private entity to similar assistance or information.
(f) Entities of Concern.--No entity of concern (as defined in
section 10114(a) of the Research and Development, Competition, and
Innovation Act (42 U.S.C. 18912(a))) shall participate in any manner in
carrying out the functions of the Program.
(g) Termination.--The Program shall terminate on the date that is
10 years after the date of enactment of this Act.
(h) Nonapplicability of FACA.--The Program shall be exempt from
complying with the requirements of chapter 10 of title 5, United States
Code (including regulations).
(i) Exemption From Disclosure.--Information shared by or with the
Federal Government or a State, Tribal, or local government under this
Act shall be--
(1) deemed to be voluntarily shared information;
(2) exempt from disclosure under section 552 of title 5,
United States Code, or any provision of any State, Tribal, or
local freedom of information law, open government law, open
meetings law, open records law, sunshine law, or similar law
requiring the disclosure of information or records; and
(3) withheld from the public, without discretion, under
section 552(b)(3) of title 5, United States Code, or any
provision of any State, Tribal, or local law requiring the
nondisclosure of sensitive information or records.
(j) Report.--The Secretary shall submit to Congress an annual
report that describes, for the year covered by the report--
(1) the achievements of the Program; and
(2) areas for improvement with respect to the activities
and operations of the Program.
(k) Authorization of Appropriations.--There is authorized to be
appropriated to the Secretary to carry out this section $50,000,000 for
the period of fiscal years 2025 through 2029.
<all>