[Congressional Bills 114th Congress]
[From the U.S. Government Publishing Office]
[S. 3295 Introduced in Senate (IS)]

<DOC>






114th CONGRESS
  2d Session
                                S. 3295

     To authorize the Secretary of Homeland Security to work with 
     cybersecurity consortia for training, and for other purposes.


_______________________________________________________________________


                   IN THE SENATE OF THE UNITED STATES

                           September 7, 2016

  Mr. Cornyn introduced the following bill; which was read twice and 
referred to the Committee on Homeland Security and Governmental Affairs

_______________________________________________________________________

                                 A BILL


 
     To authorize the Secretary of Homeland Security to work with 
     cybersecurity consortia for training, and for other purposes.

    Be it enacted by the Senate and House of Representatives of the 
United States of America in Congress assembled,

SECTION 1. SHORT TITLE.

    This Act may be cited as the ``National Cybersecurity Preparedness 
Consortium Act of 2016''.

SEC. 2. NATIONAL CYBERSECURITY PREPAREDNESS CONSORTIUM.

    (a) In General.--The Secretary of Homeland Security may work with a 
consortium, including the National Cybersecurity Preparedness 
Consortium, to support efforts to address cybersecurity risks and 
incidents (as such terms are defined in section 227 of the Homeland 
Security Act of 2002 (6 U.S.C. 148)), including threats of terrorism 
and acts of terrorism.
    (b) Assistance to the NCCIC.--The Secretary of Homeland Security 
may work with a consortium to assist the national cybersecurity and 
communications integration center of the Department of Homeland 
Security (established pursuant to section 227 of the Homeland Security 
Act of 2002) to--
            (1) provide training to State and local first responders 
        and officials specifically for preparing for and responding to 
        cybersecurity risks and incidents, including threats of 
        terrorism and acts of terrorism, in accordance with current 
        law;
            (2) develop and update a curriculum utilizing existing 
        programs and models in accordance with such section 227, for 
        State and local first responders and officials, related to 
        cybersecurity risks and incidents, including threats of 
        terrorism and acts of terrorism;
            (3) provide technical assistance services to build and 
        sustain capabilities in support of preparedness for and 
        response to cybersecurity risks and incidents, including 
        threats of terrorism and acts of terrorism, in accordance with 
        such section 227;
            (4) conduct cross-sector cybersecurity training and 
        simulation exercises for entities, including State and local 
        governments, critical infrastructure owners and operators, and 
        private industry, to encourage community-wide coordination in 
        defending against and responding to cybersecurity risks and 
        incidents, including threats of terrorism and acts of 
        terrorism, in accordance with subsection (c) of section 228 of 
        the Homeland Security Act of 2002 (6 U.S.C. 149);
            (5) help States and communities develop cybersecurity 
        information sharing programs, in accordance with section 227 of 
        the Homeland Security Act of 2002, for the dissemination of 
        homeland security information related to cybersecurity risks 
        and incidents, including threats of terrorism and acts of 
        terrorism; and
            (6) help incorporate cybersecurity risk and incident 
        prevention and response (including related to threats of 
        terrorism and acts of terrorism) into existing State and local 
        emergency plans, including continuity of operations plans.
    (c) Prohibition on Duplication.--In carrying out the functions 
under subsection (b), the Secretary of Homeland Security shall, to the 
greatest extent practicable, seek to prevent unnecessary duplication of 
existing programs or efforts of the Department of Homeland Security.
    (d) Considerations Regarding Selection of a Consortium.--In 
selecting a consortium with which to work under this Act, the Secretary 
of Homeland Security shall take into consideration the following:
            (1) Any prior experience conducting cybersecurity training 
        and exercises for State and local entities.
            (2) Geographic diversity of the members of any such 
        consortium so as to cover different regions across the United 
        States.
    (e) Metrics.--If the Secretary of Homeland Security works with a 
consortium pursuant to subsection (a), the Secretary shall measure the 
effectiveness of the activities undertaken by such consortium under 
this Act.
    (f) Outreach.--The Secretary of Homeland Security shall conduct 
outreach to universities and colleges, including historically Black 
colleges and universities, Hispanic-serving institutions, Tribal 
Colleges and Universities, and other minority-serving institutions, 
regarding opportunities to support efforts to address cybersecurity 
risks and incidents, including threats of terrorism and acts of 
terrorism, by working with the Secretary pursuant to subsection (a).
    (g) Termination.--The authority to carry out this Act shall 
terminate on the date that is 5 years after the date of the enactment 
of this Act.
    (h) Consortium Defined.--In this Act, the term ``consortium'' means 
a group primarily composed of non-profit entities, including academic 
institutions, that develop, update, and deliver cybersecurity training 
in support of homeland security.
                                 <all>