Vote Smart's Synopsis:

Vote to pass a bill that establishes the National Cybersecurity Council with the purpose of monitoring and protecting critical cyber infrastructure.

Highlights:

• Establishes the National Cybersecurity Council to identify critical cyber infrastructure, assess risks to it, and convince the private sector to voluntarily adopt certain cybersecurity practices (Sec. 101).

• Defines “critical cyber infrastructure” as critical infrastructure to which damage or unauthorized access could cause a significant loss of life, mass evacuation, economic damage, or damage to security capabilities (Sec. 102).

• Establishes the Voluntary Cybersecurity Program for Critical Infrastructure to certify critical infrastructure owners meet certain cybersecurity practices (Sec. 104).

• Specifies that participants certified under the Voluntary Cybersecurity Program for Critical Infrastructure will receive (Sec. 104):
• Liability protection from punitive damages;
• Expedited security clearances;
• Prioritized technical assistance;
• Real-time cyber threat information; and
• Public recognition.

• Requires the Secretary of Homeland Security to inform the owner or operator of information infrastructure, located outside the United States, about any cyber risks that could result in damage to the U.S. and the government of the country in which the information infrastructure is located (Sec. 108).

• Amends the Federal Information Security Management Act of 2002 (FISMA) to direct the Secretary of Homeland Security to oversee the information security requirements of federal agencies, whereas existing law placed oversight authority with the Director of the Office of Management and Budget (Sec. 201).

• Establishes the National Center for Cybersecurity and Communications within the Department of Homeland Security (Sec. 242).

• Requires private entities to protect information, acquired from system monitoring, that could be used to identify specific individuals (Sec. 702).

Full Bill Text

Vote Smart's Synopsis:

Vote to pass a bill that establishes the National Cybersecurity Council with the purpose of monitoring and protecting critical cyber infrastructure.

Highlights:

• Establishes the National Cybersecurity Council to identify critical cyber infrastructure, assess risks to it, and convince the private sector to voluntarily adopt certain cybersecurity practices (Sec. 101).

• Defines “critical cyber infrastructure” as critical infrastructure to which damage or unauthorized access could cause a significant loss of life, mass evacuation, economic damage, or damage to security capabilities (Sec. 102).

• Establishes the Voluntary Cybersecurity Program for Critical Infrastructure to certify critical infrastructure owners meet certain cybersecurity practices (Sec. 104).

• Specifies that participants certified under the Voluntary Cybersecurity Program for Critical Infrastructure will receive (Sec. 104):
• Liability protection from punitive damages;
• Expedited security clearances;
• Prioritized technical assistance;
• Real-time cyber threat information; and
• Public recognition.

• Requires the Secretary of Homeland Security to inform the owner or operator of information infrastructure, located outside the United States, about any cyber risks that could result in damage to the U.S. and the government of the country in which the information infrastructure is located (Sec. 108).

• Amends the Federal Information Security Management Act of 2002 (FISMA) to direct the Secretary of Homeland Security to oversee the information security requirements of federal agencies, whereas existing law placed oversight authority with the Director of the Office of Management and Budget (Sec. 201).

• Establishes the National Center for Cybersecurity and Communications within the Department of Homeland Security (Sec. 242).

• Requires private entities to protect information, acquired from system monitoring, that could be used to identify specific individuals (Sec. 702).

Full Bill Text

Full Bill Text