CISA Cyber Exercise Act

5/11/2023, 3:45 PM

CISA Cyber Exercise Act

This bill establishes the National Cyber Exercise Program to evaluate the National Cyber Incident Response Plan and related plans and strategies. (The National Cyber Incident Response Plan outlines the roles and responsibilities, capabilities, and coordinating structures that support how the United States responds to and recovers from significant cyber incidents posing risks to critical infrastructure.)

Based on current risk assessments, the exercise program shall be designed to (1) simulate partial or complete incapacitation of a government or critical infrastructure network resulting from a cyber incident, (2) provide for the systematic evaluation of cyber readiness and enhance operational understanding of the cyber incident response system and relevant information sharing agreements, and (3) develop after-action reports and plans that can incorporate lessons learned into future operations.

The CISA Cyber Exercise Act, also known as Bill 117 hr 3223, is a piece of legislation introduced in the United States Congress. The purpose of this bill is to enhance the cybersecurity of critical infrastructure by requiring the Cybersecurity and Infrastructure Security Agency (CISA) to develop and conduct cybersecurity exercises.

Under this bill, CISA would be responsible for coordinating and conducting exercises to simulate cyber attacks on critical infrastructure, such as energy, transportation, and communication systems. These exercises would help to identify vulnerabilities and improve the response capabilities of both government and private sector entities.

Additionally, the CISA Cyber Exercise Act would require CISA to report to Congress on the results of these exercises and provide recommendations for improving cybersecurity practices. This information would be crucial for policymakers and industry leaders to better understand the threats facing critical infrastructure and take proactive measures to protect against cyber attacks. Overall, the CISA Cyber Exercise Act aims to strengthen the cybersecurity of critical infrastructure through coordinated exercises and information sharing. By enhancing preparedness and response capabilities, this bill seeks to mitigate the risks posed by cyber threats and safeguard the nation's vital systems and services.
Congress
117

Number
HR - 3223

Introduced on
2021-05-13

# Amendments
0

Sponsors
+5

Cosponsors
+5

Variations and Revisions

7/21/2021

Status of Legislation

Bill Introduced
Introduced to House
Passed in House
Introduced to Senate
Senate to Vote

Purpose and Summary

CISA Cyber Exercise Act

This bill establishes the National Cyber Exercise Program to evaluate the National Cyber Incident Response Plan and related plans and strategies. (The National Cyber Incident Response Plan outlines the roles and responsibilities, capabilities, and coordinating structures that support how the United States responds to and recovers from significant cyber incidents posing risks to critical infrastructure.)

Based on current risk assessments, the exercise program shall be designed to (1) simulate partial or complete incapacitation of a government or critical infrastructure network resulting from a cyber incident, (2) provide for the systematic evaluation of cyber readiness and enhance operational understanding of the cyber incident response system and relevant information sharing agreements, and (3) develop after-action reports and plans that can incorporate lessons learned into future operations.

The CISA Cyber Exercise Act, also known as Bill 117 hr 3223, is a piece of legislation introduced in the United States Congress. The purpose of this bill is to enhance the cybersecurity of critical infrastructure by requiring the Cybersecurity and Infrastructure Security Agency (CISA) to develop and conduct cybersecurity exercises.

Under this bill, CISA would be responsible for coordinating and conducting exercises to simulate cyber attacks on critical infrastructure, such as energy, transportation, and communication systems. These exercises would help to identify vulnerabilities and improve the response capabilities of both government and private sector entities.

Additionally, the CISA Cyber Exercise Act would require CISA to report to Congress on the results of these exercises and provide recommendations for improving cybersecurity practices. This information would be crucial for policymakers and industry leaders to better understand the threats facing critical infrastructure and take proactive measures to protect against cyber attacks. Overall, the CISA Cyber Exercise Act aims to strengthen the cybersecurity of critical infrastructure through coordinated exercises and information sharing. By enhancing preparedness and response capabilities, this bill seeks to mitigate the risks posed by cyber threats and safeguard the nation's vital systems and services.
Alternative Names
Official Title as IntroducedTo amend the Homeland Security Act of 2002 to establish in the Cybersecurity and Infrastructure Security Agency the National Cyber Exercise Program, and for other purposes.

Policy Areas
Science, Technology, Communications

Potential Impact
Computer security and identity theft•
Computers and information technology•
Crime prevention•
Emergency planning and evacuation•
Government studies and investigations•
Homeland security•
Infrastructure development•
Intergovernmental relations•
State and local government operations

Comments

Recent Activity

Latest Summary8/11/2021

CISA Cyber Exercise Act

This bill establishes the National Cyber Exercise Program to evaluate the National Cyber Incident Response Plan and related plans and strategies. (The National Cyber Incident Response Plan outlines the roles ...


Latest Action7/21/2021
Received in the Senate and Read twice and referred to the Committee on Homeland Security and Governmental Affairs.