Bill Sponsor
BILLSPONSOR
Bill Sponsor
Politicians
Bills
Senate Bill 315
116th Congress(2019-2020)
DHS Cyber Hunt and Incident Response Teams Act of 2019
Introduced
Introduced
Introduced in Senate on Jan 31, 2019
Overview
Text
About Linkage
Multiple bills can contain the same text. This could be an identical bill in the opposite chamber or a smaller bill with a section embedded in a larger bill.
Bill Sponsor regularly scans bill texts to find sections that are contained in other bill texts. When a matching section is found, the bills containing that section can be viewed by clicking "View Bills" within the bill text section.
Bill Sponsor is currently only finding exact word-for-word section matches. In a future release, partial matches will be included.
About Linkage
Multiple bills can contain the same text. This could be an identical bill in the opposite chamber or a smaller bill with a section embedded in a larger bill.
Bill Sponsor regularly scans bill texts to find sections that are contained in other bill texts. When a matching section is found, the bills containing that section can be viewed by clicking "View Bills" within the bill text section.
Bill Sponsor is currently only finding exact word-for-word section matches. In a future release, partial matches will be included.
Jump To
S. 315 (Reported-in-Senate)

Calendar No. 62

116th CONGRESS
1st Session
S. 315

[Report No. 116–27]


To authorize cyber hunt and incident response teams at the Department of Homeland Security, and for other purposes.

IN THE SENATE OF THE UNITED STATES

January 31, 2019

Ms. Hassan (for herself, Mr. Portman, and Mr. Peters) introduced the following bill; which was read twice and referred to the Committee on Homeland Security and Governmental Affairs

April 8, 2019

Reported by Mr. Johnson, with an amendment

[Strike out all after the enacting clause and insert the part printed in italic]

A BILL

To authorize cyber hunt and incident response teams at the Department of Homeland Security, and for other purposes.

Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,

SECTION 1. Short title.

This Act may be cited as the “DHS Cyber Hunt and Incident Response Teams Act of 2019”.

SEC. 2. Department of Homeland Security cyber hunt and incident response teams.

(a) In general.—Section 2209 of the Homeland Security Act of 2002 (6 U.S.C. 659) is amended—

(1) in subsection (d)(1)(B)(iv), by inserting “, including cybersecurity specialists” after “entities”;

(2) by redesignating subsections (f) through (m) as subsections (g) through (n), respectively;

(3) by inserting after subsection (e) the following:

“(f) Cyber hunt and incident response teams.—

“(1) IN GENERAL.—The Center shall maintain cyber hunt and incident response teams for the purpose of leading Federal asset response activities and providing timely technical assistance to Federal and non-Federal entities, including across all critical infrastructure sectors, regarding actual or potential security incidents, as appropriate and upon request, including—

“(A) assistance to asset owners and operators in restoring services following a cyber incident;

“(B) identification and analysis of cybersecurity risk and unauthorized cyber activity;

“(C) mitigation strategies to prevent, deter, and protect against cybersecurity risks;

“(D) recommendations to asset owners and operators for improving overall network and control systems security to lower cybersecurity risks, and other recommendations, as appropriate; and

“(E) such other capabilities as the Secretary determines appropriate.

“(2) ASSOCIATED METRICS.—The Center shall continually assess and evaluate the cyber hunt and incident response teams and the operations of those cyber hunt and incident response teams using robust metrics.

“(3) REPORT.—At the conclusion of each of the first 4 fiscal years after the date of enactment of the DHS Cyber Hunt and Incident Response Teams Act of 2019, the Center shall submit to the Committee on Homeland Security and Governmental Affairs of the Senate and the Committee on Homeland Security of the House of Representatives a report that includes—

“(A) information relating to the metrics used for evaluation and assessment of the cyber hunt and incident response teams and operations under paragraph (2), including the resources and staffing of those cyber hunt and incident response teams; and

“(B) for the period covered by the report—

(i) the total number of incident response requests received;

(ii) the number of incident response tickets opened; and

(iii) a statement of—

(I) all interagency staffing of cyber hunt and incident response teams; and

(II) the interagency collaborations established to support cyber hunt and incident response teams.

“(4) CYBERSECURITY SPECIALISTS.—After notice to, and with the approval of, the entity requesting action by or technical assistance from the Center, the Secretary may include cybersecurity specialists from the private sector on a cyber hunt and incident response team.”; and

(4) in subsection (g), as so redesignated—

(A) in paragraph (1), by inserting “, or any team or activity of the Center,” after “Center”; and

(B) in paragraph (2), by inserting “, or any team or activity of the Center,” after “Center”.

(b) No additional funds authorized.—No additional funds are authorized to be appropriated to carry out the requirements of this Act and the amendments made by this Act. Such requirements shall be carried out using amounts otherwise authorized to be appropriated.

SECTION 1. Short title.

This Act may be cited as the “DHS Cyber Hunt and Incident Response Teams Act of 2019”.

SEC. 2. Department of Homeland Security cyber hunt and incident response teams.

(a) In general.—Section 2209 of the Homeland Security Act of 2002 (6 U.S.C. 659) is amended—

(1) in subsection (d)(1)(B)(iv), by inserting “, including cybersecurity specialists” after “entities”;

(2) by redesignating subsections (f) through (m) as subsections (g) through (n), respectively;

(3) by inserting after subsection (e) the following:

“(f) Cyber hunt and incident response teams.—

“(1) IN GENERAL.—The Center shall maintain cyber hunt and incident response teams for the purpose of leading Federal asset response activities and providing timely technical assistance to Federal and non-Federal entities, including across all critical infrastructure sectors, regarding actual or potential security incidents, as appropriate and upon request, including—

“(A) assistance to asset owners and operators in restoring services following a cyber incident;

“(B) identification and analysis of cybersecurity risk and unauthorized cyber activity;

“(C) mitigation strategies to prevent, deter, and protect against cybersecurity risks;

“(D) recommendations to asset owners and operators for improving overall network and control systems security to lower cybersecurity risks, and other recommendations, as appropriate; and

“(E) such other capabilities as the Secretary determines appropriate.

“(2) ASSOCIATED METRICS.—The Center shall—

“(A) define the goals and desired outcomes for each cyber hunt and incident response team; and

“(B) develop metrics—

“(i) to measure the effectiveness and efficiency of each cyber hunt and incident response team in achieving the goals and desired outcomes defined under subparagraph (A); and

“(ii) that—

“(I) are quantifiable and actionable; and

“(II) the Center shall use to improve the effectiveness and accountability of, and service delivery by, cyber hunt and incident response teams.

“(3) CYBERSECURITY SPECIALISTS.—After notice to, and with the approval of, the entity requesting action by or technical assistance from the Center, the Secretary may include cybersecurity specialists from the private sector on a cyber hunt and incident response team.”; and

(4) in subsection (g), as so redesignated—

(A) in paragraph (1), by inserting “, or any team or activity of the Center,” after “Center”; and

(B) in paragraph (2), by inserting “, or any team or activity of the Center,” after “Center”.

(b) Report.—

(1) DEFINITIONS.—In this subsection—

(A) the term “Center” means the national cybersecurity and communications integration center established under section 2209(b) of the Homeland Security Act of 2002 (6 U.S.C. 659(b));

(B) the term “cyber hunt and incident response team” means a cyber hunt and incident response team maintained under section 2209(f) of the Homeland Security Act of 2002 (6 U.S.C. 659(f)), as added by this Act; and

(C) the term “incident” has the meaning given the term in section 2209(a) of the Homeland Security Act of 2002 (6 U.S.C. 659(a)).

(2) REPORT.—At the conclusion of each of the first 4 fiscal years after the date of enactment of the DHS Cyber Hunt and Incident Response Teams Act of 2019, the Center shall submit to the Committee on Homeland Security and Governmental Affairs of the Senate and the Committee on Homeland Security of the House of Representatives a report that includes—

(A) information relating to the metrics used for evaluation and assessment of the cyber hunt and incident response teams and operations under section 2209(f)(2) of the Homeland Security Act of 2002 (6 U.S.C. 659(f)(2)), as added by this Act, including the resources and staffing of those cyber hunt and incident response teams; and

(B) for the period covered by the report—

(i) the total number of incident response requests received;

(ii) the number of incident response tickets opened; and

(iii) a statement of—

(I) all interagency staffing of cyber hunt and incident response teams; and

(II) the interagency collaborations established to support cyber hunt and incident response teams.

(c) No additional funds authorized.—No additional funds are authorized to be appropriated to carry out the requirements of this Act and the amendments made by this Act. Such requirements shall be carried out using amounts otherwise authorized to be appropriated.

Calendar No. 62

116th CONGRESS
     1st Session
S. 315
[Report No. 116–27]
A BILL
To authorize cyber hunt and incident response teams at the Department of Homeland Security, and for other purposes.
April 8, 2019
Reported with an amendment