2021 US Code
Title 6 - Domestic Security
Chapter 1 - Homeland Security Organization
Subchapter XVIII - Cybersecurity and Infrastructure Security Agency
Part A - Cybersecurity and Infrastructure Security
Sec. 665b - Joint cyber planning office
6 U.S.C. § 665b (2021) |
§665b. Joint cyber planning office |
(a) Establishment of Office
There is established in the Agency an office for joint cyber planning (in this section referred to as the "Office") to develop, for public and private sector entities, plans for cyber defense operations, including the development of a set of coordinated actions to protect, detect, respond to, and recover from cybersecurity risks or incidents or limit, mitigate, or defend against coordinated, malicious cyber operations that pose a potential risk to critical infrastructure or national interests. The Office shall be headed by a senior official of the Agency selected by the Director. (b) Planning and executionIn leading the development of plans for cyber defense operations pursuant to subsection (a), the head of the Office shall— (1) coordinate with relevant Federal departments and agencies to establish processes and procedures necessary to develop and maintain ongoing coordinated plans for cyber defense operations; (2) leverage cyber capabilities and authorities of participating Federal departments and agencies, as appropriate, in furtherance of plans for cyber defense operations; (3) ensure that plans for cyber defense operations are, to the greatest extent practicable, developed in collaboration with relevant private sector entities, particularly in areas in which such entities have comparative advantages in limiting, mitigating, or defending against a cybersecurity risk or incident or coordinated, malicious cyber operation; (4) ensure that plans for cyber defense operations, as appropriate, are responsive to potential adversary activity conducted in response to United States offensive cyber operations; (5) facilitate the exercise of plans for cyber defense operations, including by developing and modeling scenarios based on an understanding of adversary threats to, vulnerability of, and potential consequences of disruption or compromise of critical infrastructure; (6) coordinate with and, as necessary, support relevant Federal departments and agencies in the establishment of procedures, development of additional plans, including for offensive and intelligence activities in support of cyber defense operations, and creation of agreements necessary for the rapid execution of plans for cyber defense operations when a cybersecurity risk or incident or malicious cyber operation has been identified; and (7) support public and private sector entities, as appropriate, in the execution of plans developed pursuant to this section. The Office shall be composed of— (1) a central planning staff; and (2) appropriate representatives of Federal departments and agencies, including— (A) the Department; (B) United States Cyber Command; (C) the National Security Agency; (D) the Federal Bureau of Investigation; (E) the Department of Justice; and (F) the Office of the Director of National Intelligence. In carrying out its responsibilities described in subsection (b), the Office shall regularly consult with appropriate representatives of non-Federal entities, such as— (1) State, local, federally-recognized Tribal, and territorial governments; (2) information sharing and analysis organizations, including information sharing and analysis centers; (3) owners and operators of critical information systems; (4) private entities; and (5) other appropriate representatives or entities, as determined by the Secretary. The Secretary and the head of a Federal department or agency referred to in subsection (c) may enter into agreements for the purpose of detailing personnel on a reimbursable or non-reimbursable basis. (f) DefinitionsIn this section: (1) Cyber defense operationThe term "cyber defense operation" means defensive activities performed for a cybersecurity purpose. The term "cybersecurity purpose" has the meaning given such term in section 1501 of this title. The terms "cybersecurity risk" and "incident" have the meanings given such terms in section 659 of this title. The term "information sharing and analysis organization" has the meaning given such term in section 671(5) of this title. |
(Pub. L. 107–296, title XXII, §2216, formerly §2215, as added Pub. L. 116–283, div. A, title XVII, §1715(a), Jan. 1, 2021, 134 Stat. 4092; renumbered §2216 and amended Pub. L. 117–81, div. A, title XV, §1547(b)(1)(A)(iii), Dec. 27, 2021, 135 Stat. 2061.) |
EDITORIAL NOTES
AMENDMENTS
2021—Pub. L. 117–81 reenacted section catchline. |
United States Code, 2018 Edition, Supplement 3, Title 6 - DOMESTIC SECURITY |
Bills and Statutes |
United States Code |
Y 1.2/5: |
Title 6 - DOMESTIC SECURITY CHAPTER 1 - HOMELAND SECURITY ORGANIZATION SUBCHAPTER XVIII - CYBERSECURITY AND INFRASTRUCTURE SECURITY AGENCY Part A - Cybersecurity and Infrastructure Security Sec. 665b - Joint cyber planning office |
section 665b |
2021 |
January 3, 2022 |
No |
standard |
134 Stat. 4092 135 Stat. 2061 |
Public Law 107-296, Public Law 116-283, Public Law 117-81 |