15 USC 278g-3d: Implementation of coordinated disclosure of security vulnerabilities relating to agency information systems, including Internet of Things devices
Result 1 of 1
   
 
15 USC 278g-3d: Implementation of coordinated disclosure of security vulnerabilities relating to agency information systems, including Internet of Things devices Text contains those laws in effect on November 30, 2024
From Title 15-COMMERCE AND TRADECHAPTER 7-NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY

§278g–3d. Implementation of coordinated disclosure of security vulnerabilities relating to agency information systems, including Internet of Things devices

(a) Agency guidelines required

Not later than 2 years after December 4, 2020, the Director of OMB, in consultation with the Secretary, shall develop and oversee the implementation of policies, principles, standards, or guidelines as may be necessary to address security vulnerabilities of information systems (including Internet of Things devices).

(b) Operational and technical assistance

Consistent with section 3553(b) of title 44, the Secretary, in consultation with the Director of OMB, shall provide operational and technical assistance to agencies on reporting, coordinating, publishing, and receiving information about security vulnerabilities of information systems (including Internet of Things devices).

(c) Consistency with guidelines from National Institute of Standards and Technology

The Secretary shall ensure that the assistance provided under subsection (b) is consistent with applicable standards and publications developed by the Director of the Institute.

(d) Revision of Federal Acquisition Regulation

The Federal Acquisition Regulation shall be revised as necessary to implement the provisions under this section.

( Pub. L. 116–207, §6, Dec. 4, 2020, 134 Stat. 1005 .)


Editorial Notes

Codification

Section was enacted as part of the Internet of Things Cybersecurity Improvement Act of 2020, also known as the IoT Cybersecurity Improvement Act of 2020, and not as part of the National Institute of Standards and Technology Act which comprises this chapter.


Statutory Notes and Related Subsidiaries

Definitions

For definitions of terms used in this section, see section 278g–3a of this title.