[Congressional Bills 117th Congress]
[From the U.S. Government Publishing Office]
[S. 4000 Reported in Senate (RS)]

<DOC>





                                                       Calendar No. 587
117th CONGRESS
  2d Session
                                S. 4000

                          [Report No. 117-228]

   To require the establishment of cybersecurity information sharing 
 agreements between the Department of Homeland Security and Congress, 
                        and for other purposes.


_______________________________________________________________________


                   IN THE SENATE OF THE UNITED STATES

                             April 5, 2022

  Mr. Portman (for himself, Ms. Klobuchar, Mr. Blunt, and Mr. Peters) 
introduced the following bill; which was read twice and referred to the 
        Committee on Homeland Security and Governmental Affairs

                            December 5, 2022

               Reported by Mr. Peters, with an amendment
 [Strike out all after the enacting clause and insert the part printed 
                               in italic]

_______________________________________________________________________

                                 A BILL


 
   To require the establishment of cybersecurity information sharing 
 agreements between the Department of Homeland Security and Congress, 
                        and for other purposes.

    Be it enacted by the Senate and House of Representatives of the 
United States of America in Congress assembled,

<DELETED>SECTION 1. SHORT TITLE.</DELETED>

<DELETED>    This Act may be cited as the ``Intragovernmental 
Cybersecurity Information Sharing Act''.</DELETED>

<DELETED>SEC. 2. REQUIREMENT FOR INFORMATION SHARING 
              AGREEMENTS.</DELETED>

<DELETED>    (a) In General.--Not later than 180 days after the date of 
enactment of this Act, the Secretary of Homeland Security, in 
consultation with other appropriate Executive agencies (as defined in 
section 105 of title 5, United States Code, including the Executive 
Office of the President) and officials, shall enter into 1 or more 
cybersecurity information sharing agreements with the Sergeant at Arms 
and Doorkeeper of the Senate and the Chief Administrative Officer of 
the House of Representatives to ensure robust collaboration between the 
executive branch and Congress on Federal cybersecurity.</DELETED>
<DELETED>    (b) Elements.--The parties to a cybersecurity information 
sharing agreement under subsection (a) shall jointly develop such 
elements of the agreement as the parties find appropriate, which may 
include--</DELETED>
        <DELETED>    (1) direct and timely sharing of technical 
        indicators and contextual information on cyber threats and 
        vulnerabilities;</DELETED>
        <DELETED>    (2) direct and timely sharing of classified and 
        unclassified reports on cyber threats and activities; 
        and</DELETED>
        <DELETED>    (3) seating of cybersecurity personnel of the 
        Senate or the House of Representatives at cybersecurity 
        operations centers.</DELETED>
<DELETED>    (c) Briefing to Congress.--Not later than 210 days after 
the date of enactment of this Act, and periodically thereafter, the 
Secretary of Homeland Security shall brief the Committee on Homeland 
Security and Governmental Affairs and the Committee on Rules and 
Administration of the Senate and the Committee on Homeland Security and 
the Committee on House Administration of the House of Representatives 
on the status of the implementation of the agreements required under 
subsection (a).</DELETED>

SECTION 1. SHORT TITLE.

    This Act may be cited as the ``Intragovernmental Cybersecurity 
Information Sharing Act''.

SEC. 2. REQUIREMENT FOR INFORMATION SHARING AGREEMENTS.

    (a) Requirement.--
            (1) In general.--Not later than 180 days after the date of 
        enactment of this Act, the President, the Sergeant at Arms and 
        Doorkeeper of the Senate, and the Chief Administrative Officer 
        of the House of Representatives shall enter into 1 or more 
        cybersecurity information sharing agreements to enhance 
        collaboration between the executive branch and Congress on 
        implementing cybersecurity measures to improve the protection 
        of legislative branch information technology.
            (2) Delegation.--If the President delegates the duties 
        under paragraph (1), the designee of the President shall 
        coordinate with appropriate Executive agencies (as defined in 
        section 105 of title 5, United States Code, including the 
        Executive Office of the President) and appropriate officers in 
        the executive branch in entering any agreement described in 
        paragraph (1).
    (b) Elements.--The parties to a cybersecurity information sharing 
agreement under subsection (a) shall jointly develop such elements of 
the agreement as the parties find appropriate, which may include--
            (1) direct and timely sharing of technical indicators and 
        contextual information on cyber threats and vulnerabilities, 
        and the means for such sharing;
            (2) direct and timely sharing of classified and 
        unclassified reports on cyber threats and activities;
            (3) seating of cybersecurity personnel of the Office of the 
        Sergeant at Arms and Doorkeeper of the Senate or the Office of 
        the Chief Administrative Officer of the House of 
        Representatives at cybersecurity operations centers; and
            (4) any other elements the parties find appropriate.
    (c) Briefing to Congress.--Not later than 210 days after the date 
of enactment of this Act, and periodically thereafter, the President 
shall brief the Committee on Homeland Security and Governmental Affairs 
and the Committee on Rules and Administration of the Senate and the 
Committee on Homeland Security and the Committee on House 
Administration of the House of Representatives on the status of the 
implementation of the agreements required under subsection (a).
                                                       Calendar No. 587

117th CONGRESS

  2d Session

                                S. 4000

                          [Report No. 117-228]

_______________________________________________________________________

                                 A BILL

   To require the establishment of cybersecurity information sharing 
 agreements between the Department of Homeland Security and Congress, 
                        and for other purposes.

_______________________________________________________________________

                            December 5, 2022

                       Reported with an amendment