[Congressional Record Volume 162, Number 134 (Wednesday, September 7, 2016)]
[Senate]
[Page S5373]
From the Congressional Record Online through the Government Publishing Office [www.gpo.gov]

      By Mr. CORNYN:
  S. 3295. A bill to authorize the Secretary of Homeland Security to 
work with cybersecurity consortia for training, and for other purposes; 
to the Committee on Homeland Security and Governmental Affairs.
  Mr. CORNYN. Mr. President, I ask unanimous consent that the text of 
the bill be printed in the Record.
  There being no objection, the text of the bill was ordered to be 
printed in the Record, as follows:

                                S. 3295

       Be it enacted by the Senate and House of Representatives of 
     the United States of America in Congress assembled,

     SECTION 1. SHORT TITLE.

       This Act may be cited as the ``National Cybersecurity 
     Preparedness Consortium Act of 2016''.

     SEC. 2. NATIONAL CYBERSECURITY PREPAREDNESS CONSORTIUM.

       (a) In General.--The Secretary of Homeland Security may 
     work with a consortium, including the National Cybersecurity 
     Preparedness Consortium, to support efforts to address 
     cybersecurity risks and incidents (as such terms are defined 
     in section 227 of the Homeland Security Act of 2002 (6 U.S.C. 
     148)), including threats of terrorism and acts of terrorism.
       (b) Assistance to the NCCIC.--The Secretary of Homeland 
     Security may work with a consortium to assist the national 
     cybersecurity and communications integration center of the 
     Department of Homeland Security (established pursuant to 
     section 227 of the Homeland Security Act of 2002) to--
       (1) provide training to State and local first responders 
     and officials specifically for preparing for and responding 
     to cybersecurity risks and incidents, including threats of 
     terrorism and acts of terrorism, in accordance with current 
     law;
       (2) develop and update a curriculum utilizing existing 
     programs and models in accordance with such section 227, for 
     State and local first responders and officials, related to 
     cybersecurity risks and incidents, including threats of 
     terrorism and acts of terrorism;
       (3) provide technical assistance services to build and 
     sustain capabilities in support of preparedness for and 
     response to cybersecurity risks and incidents, including 
     threats of terrorism and acts of terrorism, in accordance 
     with such section 227;
       (4) conduct cross-sector cybersecurity training and 
     simulation exercises for entities, including State and local 
     governments, critical infrastructure owners and operators, 
     and private industry, to encourage community-wide 
     coordination in defending against and responding to 
     cybersecurity risks and incidents, including threats of 
     terrorism and acts of terrorism, in accordance with 
     subsection (c) of section 228 of the Homeland Security Act of 
     2002 (6 U.S.C. 149);
       (5) help States and communities develop cybersecurity 
     information sharing programs, in accordance with section 227 
     of the Homeland Security Act of 2002, for the dissemination 
     of homeland security information related to cybersecurity 
     risks and incidents, including threats of terrorism and acts 
     of terrorism; and
       (6) help incorporate cybersecurity risk and incident 
     prevention and response (including related to threats of 
     terrorism and acts of terrorism) into existing State and 
     local emergency plans, including continuity of operations 
     plans.
       (c) Prohibition on Duplication.--In carrying out the 
     functions under subsection (b), the Secretary of Homeland 
     Security shall, to the greatest extent practicable, seek to 
     prevent unnecessary duplication of existing programs or 
     efforts of the Department of Homeland Security.
       (d) Considerations Regarding Selection of a Consortium.--In 
     selecting a consortium with which to work under this Act, the 
     Secretary of Homeland Security shall take into consideration 
     the following:
       (1) Any prior experience conducting cybersecurity training 
     and exercises for State and local entities.
       (2) Geographic diversity of the members of any such 
     consortium so as to cover different regions across the United 
     States.
       (e) Metrics.--If the Secretary of Homeland Security works 
     with a consortium pursuant to subsection (a), the Secretary 
     shall measure the effectiveness of the activities undertaken 
     by such consortium under this Act.
       (f) Outreach.--The Secretary of Homeland Security shall 
     conduct outreach to universities and colleges, including 
     historically Black colleges and universities, Hispanic-
     serving institutions, Tribal Colleges and Universities, and 
     other minority-serving institutions, regarding opportunities 
     to support efforts to address cybersecurity risks and 
     incidents, including threats of terrorism and acts of 
     terrorism, by working with the Secretary pursuant to 
     subsection (a).
       (g) Termination.--The authority to carry out this Act shall 
     terminate on the date that is 5 years after the date of the 
     enactment of this Act.
       (h) Consortium Defined.--In this Act, the term 
     ``consortium'' means a group primarily composed of non-profit 
     entities, including academic institutions, that develop, 
     update, and deliver cybersecurity training in support of 
     homeland security.

                          ____________________