This bill sets out a process to designate elements of critical infrastructure as systemically important. Critical infrastructure refers to the machinery, facilities, and information that enable vital functions of governance, public health, and the economy.

Specifically, the Cybersecurity and Infrastructure Security Agency (CISA) must establish a methodology based on objective criteria to designate critical infrastructure as systemically important. In developing the criteria, CISA must consider, among other factors, the scale of the potential effects of a disruption to the infrastructure on domestic security, the economy, health, or safety.

Using the methodology, CISA must make a preliminary designation and then provide an opportunity for the infrastructure's owner or operator to share additional information. A preliminary designation becomes final after 30 days unless, on the basis of additional information, CISA determines the infrastructure does not meet required criteria.

The bill also requires CISA to

• maintain a list of systemically important critical infrastructure,
• prioritize systemically important critical infrastructure in its programs and activities,
• report on various matters related to the designation process, and
• assess processes for and benefits of enhanced risk management coordination between the federal government and the owners and operators of systemically important critical infrastructure.

Additionally, the Department of Homeland Security must prioritize the security clearance applications of owners and operators of systemically important critical infrastructure.