[Congressional Bills 111th Congress]
[From the U.S. Government Publishing Office]
[H.R. 6351 Introduced in House (IH)]

111th CONGRESS
  2d Session
                                H. R. 6351

 To establish the Executive Cyber Director in the Executive Office of 
 the President, to clarify the authority of the Secretary of Homeland 
  Security and the Executive Cyber Director with respect to critical 
     information infrastructure policy creation, verification, and 
             enforcement measures, and for other purposes.


_______________________________________________________________________


                    IN THE HOUSE OF REPRESENTATIVES

                           September 29, 2010

    Mr. Langevin (for himself, Mr. Ruppersberger, and Mr. Bartlett) 
 introduced the following bill; which was referred to the Committee on 
 Homeland Security, and in addition to the Committee on Oversight and 
 Government Reform, for a period to be subsequently determined by the 
  Speaker, in each case for consideration of such provisions as fall 
           within the jurisdiction of the committee concerned

_______________________________________________________________________

                                 A BILL


 
 To establish the Executive Cyber Director in the Executive Office of 
 the President, to clarify the authority of the Secretary of Homeland 
  Security and the Executive Cyber Director with respect to critical 
     information infrastructure policy creation, verification, and 
             enforcement measures, and for other purposes.

    Be it enacted by the Senate and House of Representatives of the 
United States of America in Congress assembled,

SECTION 1. SHORT TITLE.

    This Act may be cited as the ``Strengthening Cybersecurity for 
Critical Infrastructure Act''.

SEC. 2. DEFINITIONS.

    In this Act--
            (1) the term ``critical information infrastructure'' means 
        the electronic information and communications systems, 
        software, and assets that control, protect, process, transmit, 
        receive, program, or store information in any form, including 
        data, voice, and video, relied upon by critical infrastructure, 
        industrial control systems such as, but not limited to, 
        supervisory control and data acquisition systems, and 
        programmable logic controllers. This shall also include such 
        systems of the Federal Government;
            (2) the term ``critical infrastructure'' has the meaning 
        given that term in section 2 of the Homeland Security Act of 
        2002 (6 U.S.C. 101); and
            (3) the term ``Secretary'' means the Secretary of Homeland 
        Security.

SEC. 3. AUTHORITY OF SECRETARY.

    (a) In General.--The Secretary shall have primary authority in the 
executive branch of the Federal Government in creation, verification, 
and enforcement of measures with respect to the protection of critical 
information infrastructure, including promulgating risk-informed 
information security practices and standards applicable to critical 
information infrastructures that are not owned by or under the direct 
control of the Federal Government. These efforts shall be carried out 
with the consultation of appropriate private sector bodies, including 
private owners and operators of the infrastructure affected by these 
measures.
    (b) Other Federal Agencies.--In establishing measures with respect 
to the protection of critical information infrastructure the Secretary 
shall--
            (1) consult with the Secretary of Commerce, the Secretary 
        of Defense, the National Institute of Standards and Technology, 
        and other sector specific Federal regulatory agencies in 
        exercising the authority referred to in subsection (a); and
            (2) coordinate, through the Executive Office of the 
        President, with sector specific Federal regulatory agencies, 
        including the Federal Energy Regulatory Commission, in 
        establishing enforcement mechanisms under the authority 
        referred to in subsection (a).
    (c) Auditing Authority.--The Secretary may--
            (1) conduct such audits as are necessary to ensure that 
        appropriate measures are taken to secure critical information 
        infrastructure;
            (2) issue such subpoenas as are necessary to determine 
        compliance with Federal regulatory requirements for securing 
        critical information infrastructure; and
            (3) authorize sector specific Federal regulatory agencies 
        to undertake such audits.

SEC. 4. ESTABLISHMENT AND AUTHORITY OF EXECUTIVE CYBER DIRECTOR.

    (a) Establishment.--There is established within the Executive 
Office of the President an office to be known as the National Office 
for Cyberspace. There shall be at the head of the Office the Executive 
Cyber Director, who shall be appointed by the President by and with the 
advice and consent of the Senate.
    (b) Authority.--The Executive Cyber Director shall have primary 
authority in the executive branch of the Federal Government in leading 
interagency coordination on security policies relating to the creation, 
verification, and enforcement of measures to protect critical 
information infrastructure.
                                 <all>