06-27-2010, 06:22 PM
|
|
|
The People's Post
Industry Role:
Join Date: Dec 2008
Location: invisible 7-11
Posts: 65,294
|
stand down peeps- leave it to prisonplanet to mislead via bad information.
The Act will provide a responsible framework, developed in coordination with the private sector, for the President to authorize emergency measures, limited in both scope and duration, to protect the nation?s most critical infrastructure if a cyber vulnerability is being exploited or is about to be exploited. The President must notify Congress in advance about the threat and the emergency measures that will be taken to mitigate it. Any emergency measures imposed must be the least disruptive necessary to respond to the threat. These emergency measures will expire after 30 days unless the President orders an extension. The bill does not authorize any new surveillance authorities, or permit the government to ?take over? private networks.
here's the specific text from the bill
Quote:
10 ??SEC. 249. NATIONAL CYBER EMERGENCIES.
11 ??(a) DECLARATION.?
12 ??(1) IN GENERAL.?The President may issue a
13 declaration of a national cyber emergency to covered
14 critical infrastructure. Any declaration under this
15 section shall specify the covered critical infrastruc16
ture subject to the national cyber emergency.
17 ??(2) NOTIFICATION.?Upon issuing a declara18
tion under paragraph (1), the President shall, con19
sistent with the protection of intelligence sources
20 and methods, notify the owners and operators of the
21 specified covered critical infrastructure of the nature
22 of the national cyber emergency.
23 ??(3) AUTHORITIES.?If the President issues a
24 declaration under paragraph (1), the Director
25 shall?
77
HEN10553 S.L.C.
1 ??(A) immediately direct the owners and
2 operators of covered critical infrastructure sub3
ject to the declaration under paragraph (1) to
4 implement response plans required under sec5
tion 248(b)(2)(C);
6 ??(B) develop and coordinate emergency
7 measures or actions necessary to preserve the
8 reliable operation, and mitigate or remediate
9 the consequences of the potential disruption, of
10 covered critical infrastructure;
11 ??(C) ensure that emergency measures or
12 actions directed under this section represent the
13 least disruptive means feasible to the operations
14 of the covered critical infrastructure;
15 ??(D) subject to subsection (f), direct ac16
tions by other Federal agencies to respond to
17 the national cyber emergency;
18 ??(E) coordinate with officials of State and
19 local governments, international partners of the
20 United States, and private owners and opera21
tors of covered critical infrastructure specified
22 in the declaration to respond to the national
23 cyber emergency;
78
HEN10553 S.L.C.
1 ??(F) initiate a process under section 248
2 to address the cyber vulnerability that may be
3 exploited by the national cyber emergency; and
4 ??(G) provide voluntary technical assist5
ance, if requested, under section 242(f)(1)(S).
24 ??(b) DISCONTINUANCE OF EMERGENCY MEAS25
URES.?
79
HEN10553 S.L.C.
1 ??(1) IN GENERAL.?Any emergency measure or
2 action developed under this section shall cease to
3 have effect not later than 30 days after the date on
4 which the President issued the declaration of a na5
tional cyber emergency, unless?
6 ??(A) the Director affirms in writing that
7 the emergency measure or action remains nec8
essary to address the identified national cyber
9 emergency; and
10 ??(B) the President issues a written order
11 or directive reaffirming the national cyber
12 emergency, the continuing nature of the na13
tional cyber emergency, or the need to continue
14 the adoption of the emergency measure or ac15
tion.
16 ??(2) EXTENSIONS.?An emergency measure or
17 action extended in accordance with paragraph (1)
18 may?
19 ??(A) remain in effect for not more than 30
20 days after the date on which the emergency
21 measure or action was to cease to have effect;
22 and
23 ??(B) be extended for additional 30-day pe24
riods, if the requirements of paragraph (1) and
25 subsection (d) are met.
80
HEN10553 S.L.C.
1 ??(c) COMPLIANCE WITH EMERGENCY MEASURES.?
2 ??(1) IN GENERAL.?Subject to paragraph (2),
3 the owner or operator of covered critical infrastruc4
ture shall immediately comply with any emergency
5 measure or action developed by the Director under
6 this section during the pendency of any declaration
7 by the President under subsection (a)(1) or an ex8
tension under subsection (b)(2).
9 ??(2) ALTERNATIVE MEASURES.?If the Director
10 determines that a proposed security measure, or any
11 combination thereof, submitted by the owner or op12
erator of covered critical infrastructure in accord13
ance with the process established under section
14 248(b)(2) addresses the cyber vulnerability associ15
ated with the national cyber emergency that is the
16 subject of the declaration under this section, the
17 owner or operator may comply with paragraph (1) of
18 this subsection by implementing the proposed secu19
rity measure, or combination thereof, approved by
20 the Director under the process established under
21 section 248. Before submission of a proposed secu22
rity measure, or combination thereof, and during the
23 pendency of any review by the Director under the
24 process established under section 248, the owner or
25 operator of covered critical infrastructure shall re81
HEN10553 S.L.C.
1 main in compliance with any emergency measure or
2 action developed by the Director under this section
3 during the pendency of any declaration by the Presi4
dent under subsection (a)(1) or an extension under
5 subsection (b)(2), until such time as the Director
6 has approved an alternative proposed security meas7
ure, or combination thereof, under this paragraph.
|
threat averted. |
|
|