Text: S.2392 — 115th Congress (2017-2018)All Information (Except Text)

There is one version of the bill.

Text available as:

Shown Here:
Introduced in Senate (02/07/2018)


115th CONGRESS
2d Session
S. 2392


To amend the Homeland Security Act of 2002 to authorize the Secretary of Homeland Security to designate cybersecurity technologies that qualify for protection under systems of risk and litigation management.


IN THE SENATE OF THE UNITED STATES

February 7, 2018

Mr. Daines introduced the following bill; which was read twice and referred to the Committee on Homeland Security and Governmental Affairs


A BILL

To amend the Homeland Security Act of 2002 to authorize the Secretary of Homeland Security to designate cybersecurity technologies that qualify for protection under systems of risk and litigation management.

Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,

SECTION 1. Short title.

This Act may be cited as the “Cyber Support for Anti-Terrorism by Fostering Effective Technologies Act of 2018” or the “Cyber SAFETY Act of 2018”.

SEC. 2. Inclusion of qualifying cyber incidents.

Subtitle G of title VIII of the Homeland Security Act of 2002 (6 U.S.C. 441 et seq.) is amended—

(1) in section 862(b) (6 U.S.C. 441(b))—

(A) in the heading, by striking “Designation of qualified anti-terrorism technologies” and inserting “Designation of anti-Terrorism and cybersecurity technologies”;

(B) in the matter preceding paragraph (1), by inserting “or cybersecurity” after “anti-terrorism”;

(C) in paragraphs (3), (4), and (5), by inserting “or cybersecurity” after “anti-terrorism” each place that term appears; and

(D) in paragraph (7)—

(i) by inserting “or cybersecurity” after “Anti-terrorism”; and

(ii) by inserting “or qualifying cyber incidents” after “acts of terrorism”;

(2) in section 863 (6 U.S.C. 442)—

(A) by inserting “or cybersecurity” after “anti-terrorism” each place that term appears;

(B) by inserting “or qualifying cyber incident” after “act of terrorism” each place that term appears;

(C) by inserting “or qualifying cyber incidents” after “acts of terrorism” each place that term appears; and

(D) in subsection (d)(3)—

(i) by striking “(3) Certificate.—” and inserting the following: “(3) Certificates.—

“(A) CERTIFICATES FOR ANTI-TERRORISM TECHNOLOGIES.—

(ii) by adding at the end the following:

“(B) CERTIFICATES FOR CYBERSECURITY TECHNOLOGIES.—

“(i) IN GENERAL.—For cybersecurity technology reviewed and approved by the Secretary, the Secretary will issue a certificate of conformance to the Seller and place the cybersecurity technology on an Approved Product List for Homeland Security.

“(ii) SUBSEQUENT REVIEW.—Not less frequently than once every 2 years, the Secretary shall conduct a new review of any cybersecurity technology for which the Secretary issued a certification under clause (i).”;

(3) in section 864 (6 U.S.C. 443)—

(A) by inserting “or cybersecurity” after “anti-terrorism” each place that term appears; and

(B) by inserting “or qualifying cyber incident” after “act of terrorism” each place that term appears; and

(4) in section 865 (6 U.S.C. 444)—

(A) in paragraph (1)—

(i) in the heading, by inserting “or cybersecurity” after “anti-terrorism”;

(ii) by inserting “or cybersecurity” after “anti-terrorism”;

(iii) by inserting “or qualifying cyber incidents” after “acts of terrorism”; and

(iv) by inserting “or incidents” after “such acts”; and

(B) by adding at the end the following:

“(7) QUALIFYING CYBER INCIDENT.—The term ‘qualifying cyber incident’ has the meaning given the term ‘incident’ in section 3552(b) of title 44, United States Code.

“(8) FINAL AGENCY ACTION.—The determination by the Secretary that an act of terrorism or qualifying cyber incident has occurred shall constitute a final agency action subject to review under chapter 7 of title 5, United States Code.”.