Bill Sponsor
Senate Bill 2199
117th Congress(2021-2022)
Cyber Sense Act of 2020
Introduced
Introduced
Introduced in Senate on Jun 23, 2021
Overview
Text
Introduced in Senate 
Jun 23, 2021
No Linkage Found
About Linkage
Multiple bills can contain the same text. This could be an identical bill in the opposite chamber or a smaller bill with a section embedded in a larger bill.
Bill Sponsor regularly scans bill texts to find sections that are contained in other bill texts. When a matching section is found, the bills containing that section can be viewed by clicking "View Bills" within the bill text section.
Bill Sponsor is currently only finding exact word-for-word section matches. In a future release, partial matches will be included.
Introduced in Senate(Jun 23, 2021)
Jun 23, 2021
No Linkage Found
About Linkage
Multiple bills can contain the same text. This could be an identical bill in the opposite chamber or a smaller bill with a section embedded in a larger bill.
Bill Sponsor regularly scans bill texts to find sections that are contained in other bill texts. When a matching section is found, the bills containing that section can be viewed by clicking "View Bills" within the bill text section.
Bill Sponsor is currently only finding exact word-for-word section matches. In a future release, partial matches will be included.
S. 2199 (Introduced-in-Senate)


117th CONGRESS
1st Session
S. 2199


To require the Secretary of Energy to establish a voluntary Cyber Sense program to test the cybersecurity of products and technologies intended for use in the bulk-power system, and for other purposes.


IN THE SENATE OF THE UNITED STATES

June 23, 2021

Ms. Rosen (for herself, Mr. Hoeven, Mr. King, Mr. Risch, and Mr. Tillis) introduced the following bill; which was read twice and referred to the Committee on Energy and Natural Resources


A BILL

To require the Secretary of Energy to establish a voluntary Cyber Sense program to test the cybersecurity of products and technologies intended for use in the bulk-power system, and for other purposes.

Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,

SECTION 1. Short title.

This Act may be cited as the “Cyber Sense Act of 2020”.

SEC. 2. Cyber Sense program.

(a) Definitions.—In this section:

(1) BULK-POWER SYSTEM.—The term “bulk-power system” has the meaning given the term in section 215(a) of the Federal Power Act (16 U.S.C. 824o(a)).

(2) CRITICAL ELECTRIC INFRASTRUCTURE.—The term “critical electric infrastructure” has the meaning given the term in section 215A(a) of the Federal Power Act (16 U.S.C. 824o–1(a)).

(3) PROGRAM.—The term “program” means the voluntary Cyber Sense program established under subsection (b).

(4) SECRETARY.—The term “Secretary” means the Secretary of Energy.

(b) Establishment.—The Secretary, in coordination with the heads of other relevant Federal agencies, shall establish a voluntary Cyber Sense program to test the cybersecurity of products and technologies intended for use in the bulk-power system.

(c) Program requirements.—In carrying out subsection (b), the Secretary shall—

(1) establish a testing process under the program to test the cybersecurity of products and technologies intended for use in the bulk-power system, including products relating to industrial control systems and operational technologies, such as supervisory control and data acquisition systems;

(2) for products and technologies tested under the program, establish and maintain cybersecurity vulnerability reporting processes and a related database;

(3) provide technical assistance to electric utilities, product manufacturers, and other electricity sector stakeholders to develop solutions to mitigate identified cybersecurity vulnerabilities in products and technologies tested under the program;

(4) biennially review products and technologies tested under the program for cybersecurity vulnerabilities and provide analysis with respect to how those products and technologies respond to and mitigate cyber threats;

(5) develop guidance that is informed by analysis and testing results under the program for electric utilities for the procurement of products and technologies;

(6) provide reasonable notice to, and solicit comments from, the public prior to establishing or revising the testing process under the program;

(7) oversee the testing of products and technologies under the program; and

(8) consider incentives to encourage the use of analysis and results of testing under the program in the design of products and technologies for use in the bulk-power system.

(d) Disclosure of information.—Any cybersecurity vulnerability reported pursuant to a process established under subsection (c)(2), the disclosure of which the Secretary reasonably foresees would cause harm to critical electric infrastructure, shall be considered to be critical electric infrastructure information for purposes of section 215A(d) of the Federal Power Act (16 U.S.C. 824o–1(d)).

(e) Federal government liability.—Nothing in this section authorizes the commencement of an action against the United States with respect to the testing of a product or technology under the program.