[Congressional Bills 113th Congress]
[From the U.S. Government Publishing Office]
[S. 658 Introduced in Senate (IS)]

113th CONGRESS
  1st Session
                                 S. 658

To amend titles 10 and 32, United States Code, to enhance capabilities 
    to prepare for and respond to cyber emergencies, and for other 
                               purposes.


_______________________________________________________________________


                   IN THE SENATE OF THE UNITED STATES

                             March 22, 2013

  Mrs. Gillibrand (for herself, Mr. Vitter, Mr. Coons, Mr. Blunt, Ms. 
   Landrieu, Mr. Leahy, Mr. Warner, and Mrs. Murray) introduced the 
 following bill; which was read twice and referred to the Committee on 
                             Armed Services

_______________________________________________________________________

                                 A BILL


 
To amend titles 10 and 32, United States Code, to enhance capabilities 
    to prepare for and respond to cyber emergencies, and for other 
                               purposes.

    Be it enacted by the Senate and House of Representatives of the 
United States of America in Congress assembled,

SECTION 1. SHORT TITLE.

    This Act may be cited as the ``Cyber Warrior Act of 2013''.

SEC. 2. FINDINGS.

    Congress makes the following findings:
            (1) The report of the Department of Defense Science Board 
        Task Force on Resilient Military Systems and the Advanced Cyber 
        Threat finds that ``[i]t is not clear that high-end cyber 
        practitioners can be found in sufficient numbers within typical 
        recruitments pools''.
            (2) The report recommends that ``[t]he Department must 
        scale up its efforts to recruit, provided facilities and 
        training, and use effectively these critical people''.
            (3) The National Guard has the authority to operate on 
        active duty under title 10, United States Code, and in National 
        Guard status under title 32, United States Code.
            (4) The National Guard can leverage the expertise of 
        private sector information technology (IT) specialists and help 
        retain the capability of retiring military personnel trained in 
        cybersecurity matters.
            (5) The National Guard in its status under title 32, United 
        States Code, supports the Department of Homeland Security and 
        the Governors of the States in responding to natural disasters.

SEC. 3. ENHANCEMENT OF PREPARATION FOR AND RESPONSE TO CYBER 
              EMERGENCIES.

    (a) Establishment of Cyber and Computer Network Incident Response 
Teams.--
            (1) In general.--The Secretary of Defense shall establish 
        in each of the several States and the District of Columbia a 
        separate team of members of the National Guard under section 
        12310(d) of title 10, United States Code (as amended by 
        subsection (b)), and section 510 of title 32, United States 
        Code (as added by subsection (c)), to perform duties relating 
        to analysis and protection in support of programs to prepare 
        for and respond to emergencies involving an attack or natural 
        disaster impacting a computer, electronic, or cyber network.
            (2) Designation.--Each team established under paragraph (1) 
        shall be known as a ``Cyber and Computer Network Incident 
        Response Team''.
    (b) Use of Active National Guard Personnel.--Section 12310 of title 
10, United States Code, is amended--
            (1) by redesignating subsection (d) as subsection (e); and
            (2) by inserting after subsection (c) the following new 
        subsection (d):
    ``(d) Operations Relating to Protection of Public and Private Cyber 
Infrastructure.--(1) Notwithstanding subsection (b), a member of the 
National Guard on active duty as described in subsection (a), or a 
member of the National Guard serving on full-time National Guard duty 
under section 502(f) of title 32 in connection with functions referred 
to in subsection (a), may perform duties relating to analysis and 
protection in support of programs to prepare for and respond to 
emergencies involving an attack or natural disaster impacting a 
computer, electronic, or cyber network.
    ``(2) The duties of members under this subsection may include 
duties to assist the combatant commands in developing and expanding 
their capacity relating to analysis and protection in support of 
programs to prepare for and respond to emergencies involving an attack 
or natural disaster impacting a computer, electronic, or cyber network.
    ``(3) The duties performed by members under this subsection may be 
performed for or in support of cyber and computer network incident 
response teams established pursuant to section 3(a) of the Cyber 
Warrior Act of 2013.
    ``(4) Notwithstanding section 502(f) of title 32, the costs of the 
pay, allowances, clothing, subsistence, gratuities, travel, and related 
expenses for a member of the National Guard performing duties under 
this subsection shall be paid from the appropriation that is available 
to pay such costs for members of the regular component of the armed 
force of that member.
    ``(5) Members of the National Guard on active duty who are 
performing duty described in this subsection shall be counted against 
the annual end strength authorizations required by section 115(a)(1) of 
this title. The justification materials for the defense budget request 
for a fiscal year shall identify the number and component of members of 
the National Guard programmed to be performing duties described in this 
subsection during that fiscal year.
    ``(6) Members may not perform duties under this subsection unless 
the Secretary of Defense has certified to the Committee on Armed 
Services of the Senate and the Committee on Armed Services of the House 
of Representatives that the members possess the requisite skills, 
training, and equipment to be proficient in all mission 
requirements.''.
    (c) Use of National Guard Personnel Performing Training or Drill.--
            (1) In general.--Chapter 5 of title 32, United States Code, 
        is amended by adding at the end the following new section:
``Sec. 510. Preparation for and response to cyber emergencies
    ``Under regulations prescribed by the Secretary of the Army or the 
Secretary of the Air Force, as the case may be, members of the National 
Guard performing training or drill required by this chapter may perform 
duties relating to analysis and protection in support of programs to 
prepare for and respond to emergencies involving an attack or natural 
disaster impacting a computer, electronic, or cyber network, including 
in connection with cyber and computer network incident response teams 
established pursuant to section 3(a) of the Cyber Warrior Act of 
2013.''.
            (2) Clerical amendment.--The table of sections at the 
        beginning of chapter 5 of such title is amended by adding at 
        the end the following new item:

``510. Preparation for and response to cyber emergencies.''.
    (d) Homeland Defense Activities.--
            (1) In general.--Chapter 9 of title 32, United States Code, 
        is amended by inserting after section 902 the following new 
        section:
``Sec. 902a. Homeland defense activities: activities relating to 
              preparation for and response to cyber emergencies
    ``(a) In General.--The homeland defense activities for which funds 
may be provided under this chapter shall include the following:
            ``(1) The provision by units or members of the National 
        Guard of education and training for State and local law 
        enforcement and governmental personnel on analysis and 
        protection to prepare for and respond to emergencies involving 
        an attack or natural disaster impacting a computer, electronic, 
        or cyber network.
            ``(2) Upon the order of the Governor of the State, the 
        performance by units or members of the National Guard of 
        activities being undertaken by the State government and local 
        governments in the State on analysis and protection to prepare 
        for and respond to emergencies described in paragraph (1).
    ``(b) Members Authorized To Perform Activities.--The members of the 
National Guard who may perform activities authorized by this section 
are members on full-time National Guard duty under section 502(f) of 
this title.
    ``(c) Performance in Connection With Cyber and Computer Network 
Incident Response Teams.--The activities performed by members under 
this section may be performed for or in support of cyber and computer 
network incident response teams established pursuant to section 3(a) of 
the Cyber Warrior Act of 2013.
    ``(d) Inapplicability of Certain Requirements and Limitations.--The 
performance of activities under this section by members of the National 
Guard shall not be subject to the requirements and limitations in 
subsections (b), (c), and (d) of section 904 of this title.
    ``(e) Definitions.--In this section:
            ``(1) The term `Governor', in the case of the District of 
        Columbia, means the commanding general of the District of 
        Columbia National Guard.
            ``(2) The term `State' means the several States, the 
        District of Columbia, the Commonwealth of Puerto Rico, and the 
        Territories of the United States.''.
            (2) Clerical amendment.--The table of sections at the 
        beginning of chapter 9 of such title is amended by inserting 
        after the item relating to section 902 the following new item:

``902a. Homeland defense activities: activities relating to preparation 
                            for and response to cyber emergencies.''.
    (e) Training on Cyber Duties.--
            (1) In general.--The Secretary of the Army and the 
        Secretary of the Air Force shall ensure that the training 
        provided to members of the Army National Guard and the Air 
        National Guard, respectively, on analysis and protection to 
        prepare for and respond to emergencies involving an attack or 
        natural disaster impacting a computer, electronic, or cyber 
        network shall, to the extent practicable, be equivalent to the 
        training provided members of the regular component of the Army 
        and the Air Force on such matters.
            (2) Reports.--Not later than one year after the date of the 
        enactment of this Act, and annually thereafter for four years, 
        the Secretary of Defense shall submit to the Committee on Armed 
        Services of the Senate and the Committee on Armed Services of 
        the House of Representatives a report on the training provided 
        to members of the Army National Guard and the Air National 
        Guard pursuant to paragraph (1) on the matters described in 
        that paragraph. Each report shall include a description of the 
        training currently provided to members of the Army National 
        Guard and the Air National Guard on such matters, and such 
        recommendations as the Secretary considers appropriate for 
        improvements to such training in order to better align such 
        training for members of the Army National Guard and the Air 
        National Guard, on the one hand, and members of the regular 
        component of the Army and the Air Force, on the other.
    (f) Additional Report.--Not later than 180 days after the date of 
the enactment of this Act, the Secretary of Defense shall submit to the 
Committee on Armed Services of the Senate and the Committee on Armed 
Services of the House of Representatives a report setting forth the 
following:
            (1) A description and assessment of various mechanisms to 
        recruit and retain members of the regular components and 
        reserve components of the Armed Forces with expertise in 
        computer network defense and operations, including 
        modifications of the curricula for the Reserve Officers' 
        Training Corps programs, enhanced opportunities for individuals 
        to select their preferred Armed Force of accession, payment of 
        recruitment and retention bonuses, the provision of educational 
        scholarships and stipends, and enhanced funding of training and 
        certification programs.
            (2) An assessment of the circumstances (including short-
        term deployment, virtual deployment, or both) under which 
        members of the reserve components with computer network defense 
        duties can be managed without the geographic relocation of such 
        members.
            (3) A description of the training requirements and physical 
        demands, if any, for military occupational specialties relating 
        to computer network defense.
                                 <all>