Effective Nov 16, 2018(Pub. L. 107–296, title XXII, § 2210, formerly title II, § 228, as added and amended Pub. L. 114–113, div. N, title II, §§ 205, 223(a)(2), (4), (5), Dec. 18, 2015, 129 Stat. 2961, 2963, 2964; renumbered title XXII, § 2210, and amended Pub. L. 115–278, § 2(g)(2)(I), (9)(A)(iv), Nov. 16, 2018, 132 Stat. 4178, 4181.)
Viewing an earlier version · effective Nov 16, 2018View current
(a) Definitions In this section—
(1) the term “agency information system” means an information system used or operated by an agency or by another entity on behalf of an agency;
(2) the terms “cybersecurity risk” and “information system” have the meanings given those terms in section 659 of this title;
(4) the term “national security system” has the meaning given the term in section 11103 of title 40.
(b) Intrusion assessment plan
(1) Requirement The Secretary, in coordination with the Director of the Office of Management and Budget, shall—
(A) develop and implement an intrusion assessment plan to proactively detect, identify, and remove intruders in agency information systems on a routine basis; and
(B) update such plan as necessary.
(2) Exception The intrusion assessment plan required under paragraph (1) shall not apply to the Department of Defense, a national security system, or an element of the intelligence community.
(c) Cyber incident response plan The Director of Cybersecurity and Infrastructure Security shall, in coordination with appropriate Federal departments and agencies, State and local governments, sector coordinating councils, information sharing and analysis organizations (as defined in section 671(5) of this title), owners and operators of critical infrastructure, and other appropriate entities and individuals, develop, regularly update, maintain, and exercise adaptable cyber incident response plans to address cybersecurity risks (as defined in section 659 of this title) to critical infrastructure.
(d) National Response Framework The Secretary, in coordination with the heads of other appropriate Federal departments and agencies, and in accordance with the National Cybersecurity Incident Response Plan required under subsection (c), shall regularly update, maintain, and exercise the Cyber Incident Annex to the National Response Framework of the Department.
2015—Subsec. (c). Pub. L. 114–113, § 223(a)(5), made technical amendment to reference in original act which appears in text as reference to section 148 of this title.