Prophet's Blog

US Cybersecurity Act of 2012

2012-02-25T14:32:00.001-08:00

HEN12160 S.L.C.
112TH CONGRESS
2D SESSION S. ll
To enhance the security and resiliency of the cyber and communications
infrastructure of the United States.
IN THE SENATE OF THE UNITED STATES
llllllllll
Mr. LIEBERMAN (for himself, Ms. COLLINS, Mr. ROCKEFELLER, and Mrs.
FEINSTEIN) introduced the following bill; which was read twice and referred
to the Committee on llllllllll
A BILL
To enhance the security and resiliency of the cyber and
communications infrastructure of the United States.
1 Be it enacted by the Senate and House of Representa2
tives of the United States of America in Congress assembled,
3 SECTION 1. SHORT TITLE; TABLE OF CONTENTS.
4 (a) SHORT TITLE.—This Act may be cited as the
5 ‘‘Cybersecurity Act of 2012’’.
6 (b) TABLE OF CONTENTS.—The table of contents for
7 this Act is as follows:
Sec. 1. Short title; table of contents.
Sec. 2. Definitions.
TITLE I—PROTECTING CRITICAL INFRASTRUCTURE
Sec. 101. Definitions and responsibilities.
2
HEN12160 S.L.C.
Sec. 102. Sector-by-sector cyber risk assessments.
Sec. 103. Procedure for designation of covered critical infrastructure.
Sec. 104. Sector-by-sector risk-based cybersecurity performance requirements.
Sec. 105. Security of covered critical infrastructure.
Sec. 106. Sector-specific agencies.
Sec. 107. Protection of information.
Sec. 108. Voluntary technical assistance.
Sec. 109. Emergency planning.
Sec. 110. International cooperation.
Sec. 111. Effect on other laws.
TITLE II—PROTECTING GOVERNMENT NETWORKS
Sec. 201. FISMA Reform.
Sec. 202. Management of information technology.
Sec. 203. Savings provisions.
TITLE III—CLARIFYING AND STRENGTHENING EXISTING ROLES
AND AUTHORITIES
Sec. 301. Consolidation of existing departmental cyber resources and authorities.
TITLE IV—EDUCATION, RECRUITMENT, AND WORKFORCE
DEVELOPMENT
Sec. 401. Definitions.
Sec. 402. National education and awareness campaign.
Sec. 403. National cybersecurity competition and challenge.
Sec. 404. Federal cyber scholarship-for-service program.
Sec. 405. Assessment of cybersecurity Federal workforce.
Sec. 406. Federal cybersecurity occupation classifications.
Sec. 407. Training and education.
Sec. 408. Cybersecurity incentives.
TITLE V—RESEARCH AND DEVELOPMENT
Sec. 501. Federal cybersecurity research and development.
Sec. 502. Homeland security cybersecurity research and development.
TITLE VI—FEDERAL ACQUISITION RISK MANAGEMENT STRATEGY
Sec. 601. Federal acquisition risk management strategy.
Sec. 602. Amendments to Clinger-Cohen provisions to enhance agency planning
for information security needs.
TITLE VII—INFORMATION SHARING
Sec. 701. Affirmative authority to monitor and defend against cybersecurity
threats.
Sec. 702. Voluntary disclosure of cybersecurity threat indicators among private
entities.
Sec. 703. Cybersecurity exchanges.
Sec. 704. Voluntary disclosure of cybersecurity threat indicators to a cybersecurity
exchange.
Sec. 705. Sharing of classified cybersecurity threat indicators.
Sec. 706. Limitation on liability and good faith defense for cybersecurity activities.
3
HEN12160 S.L.C.
Sec. 707. Construction; Federal preemption.
Sec. 708. Definitions.
TITLE VIII—PUBLIC AWARENESS REPORTS
Sec. 801. Findings.
Sec. 802. Report on cyber incidents against Government networks.
Sec. 803. Reports on prosecution for cybercrime.
Sec. 804. Report on research relating to secure domain.
Sec. 805. Report on preparedness of Federal courts to promote cybersecurity.
Sec. 806. Report on impediments to public awareness.
Sec. 807. Report on protecting the electrical grid of the United States.
TITLE IX—INTERNATIONAL COOPERATION
Sec. 901. Definitions.
Sec. 902. Findings.
Sec. 903. Sense of Congress.
Sec. 904. Coordination of international cyber issues within the United States
Government.
Sec. 905. Consideration of cybercrime in foreign policy and foreign assistance
programs.
1 SEC. 2. DEFINITIONS.
2 In this Act:
3 (1) COMMERCIAL INFORMATION TECHNOLOGY
4 PRODUCT.—The term ‘‘commercial information tech5
nology product’’ means a commercial item that orga6
nizes or communicates information electronically.
7 (2) COMMERCIAL ITEM.—The term ‘‘commer8
cial item’’ has the meaning given the term in section
9 103 of title 41, United States Code.
10 (3) COVERED CRITICAL INFRASTRUCTURE.—
11 The term ‘‘covered critical infrastructure’’ means a
12 system or asset designated by the Secretary as cov13
ered critical infrastructure in accordance with the
14 procedure established under section 103.
4
HEN12160 S.L.C.
1 (4) COVERED SYSTEM OR ASSET.—The term
2 ‘‘covered system or asset’’ means a system or asset
3 of covered critical infrastructure.
4 (5) CRITICAL INFRASTRUCTURE.—The term
5 ‘‘critical infrastructure’’ has the meaning given that
6 term in section 1016(e) of the USA PATRIOT Act
7 (42 U.S.C. 5195c(e)).
8 (6) DEPARTMENT.—The term ‘‘Department’’
9 means the Department of Homeland Security.
10 (7) FEDERAL AGENCY.—The term ‘‘Federal
11 agency’’ has the meaning given the term ‘‘agency’’
12 in section 3502 of title 44, United States Code.
13 (8) FEDERAL INFORMATION INFRASTRUC14
TURE.—The term ‘‘Federal information infrastruc15
ture’’—
16 (A) means information and information
17 systems that are owned, operated, controlled, or
18 licensed for use by, or on behalf of, any Federal
19 agency, including information systems used or
20 operated by another entity on behalf of a Fed21
eral agency; and
22 (B) does not include—
23 (i) a national security system; or
24 (ii) information and information sys25
tems that are owned, operated, controlled,
5
HEN12160 S.L.C.
1 or licensed for use by, or on behalf of, the
2 Department of Defense, a military depart3
ment, or another element of the intel4
ligence community.
5 (9) INCIDENT.—The term ‘‘incident’’ has the
6 meaning given that term in section 3552 of title 44,
7 United States Code, as added by section 201 of this
8 Act.
9 (10) INFORMATION INFRASTRUCTURE.—The
10 term ‘‘information infrastructure’’ means the under11
lying framework that information systems and assets
12 rely on to process, transmit, receive, or store infor13
mation electronically, including programmable elec14
tronic devices and communications networks and any
15 associated hardware, software, or data.
16 (11) INFORMATION SHARING AND ANALYSIS OR17
GANIZATION.—The term ‘‘Information Sharing and
18 Analysis Organization’’ has the meaning given that
19 term in section 212 of the Homeland Security Act
20 of 2002 (6 U.S.C. 131).
21 (12) INFORMATION SYSTEM.—The term ‘‘infor22
mation system’’ has the meaning given that term in
23 section 3502 of title 44, United States Code.
24 (13) INSTITUTION OF HIGHER EDUCATION.—
25 The term ‘‘institution of higher education’’ has the
6
HEN12160 S.L.C.
1 meaning given that term in section 102 of the High2
er Education Act of 1965 (20 U.S.C. 1002).
3 (14) INTELLIGENCE COMMUNITY.—The term
4 ‘‘intelligence community’’ has the meaning given
5 that term under section 3(4) of the National Secu6
rity Act of 1947 (50 U.S.C. 401a(4)).
7 (15) NATIONAL INFORMATION INFRASTRUC8
TURE.—The term ‘‘national information infrastruc9
ture’’ means information and information systems—
10 (A) that are owned, operated, or con11
trolled, in whole or in part, within or from the
12 United States; and
13 (B) that are not owned, operated, con14
trolled, or licensed for use by a Federal agency.
15 (16) NATIONAL SECURITY SYSTEM.—The term
16 ‘‘national security system’’ has the meaning given
17 that term in section 3552 of title 44, United States
18 Code, as added by section 201 of this Act.
19 (17) OWNER.—The term ‘‘owner’’—
20 (A) means an entity that owns a covered
21 system or asset; and
22 (B) does not include a company contracted
23 by the owner to manage, run, or operate a cov24
ered system or asset, or to provide a specific in25
formation technology product or service that is
7
HEN12160 S.L.C.
1 used or incorporated into a covered system or
2 asset.
3 (18) OPERATOR.—The term ‘‘operator’’—
4 (A) means an entity that manages, runs,
5 or operates, in whole or in part, the day-to-day
6 operations of a covered system or asset; and
7 (B) may include the owner of a covered
8 system or asset.
9 (19) SECRETARY.—The term ‘‘Secretary’’
10 means the Secretary of Homeland Security.
11 TITLE I—PROTECTING CRITICAL
12 INFRASTRUCTURE
13 SEC. 101. DEFINITIONS AND RESPONSIBILITIES.
14 (a) DEFINITIONS.—In this title:
15 (1) CYBER RISK.—The term ‘‘cyber risk’’
16 means any risk to information infrastructure, includ17
ing physical or personnel risks and security
18 vulnerabilities, that, if exploited or not mitigated,
19 could pose a significant risk of disruption to the op20
eration of information infrastructure essential to the
21 reliable operation of covered critical infrastructure.
22 (2) SECTOR-SPECIFIC AGENCY.—The term ‘‘sec23
tor-specific agency’’ means the relevant Federal
24 agency responsible for infrastructure protection ac25
tivities in a designated critical infrastructure sector
8
HEN12160 S.L.C.
1 or key resources category under the National Infra2
structure Protection Plan, or any other appropriate
3 Federal agency identified by the President after the
4 date of enactment of this Act.
5 (b) RESPONSIBILITY OF OWNER.—It shall be the re6
sponsibility of an owner to comply with the requirements
7 of this Act.
8 SEC. 102. SECTOR-BY-SECTOR CYBER RISK ASSESSMENTS.
9 (a) IN GENERAL.—The Secretary, in consultation
10 with entities that own or operate critical infrastructure,
11 the Critical Infrastructure Partnership Advisory Council,
12 and appropriate Information Sharing and Analysis Orga13
nizations, and in coordination with the intelligence com14
munity, the Department of Defense, the Department of
15 Commerce, sector-specific agencies and other Federal
16 agencies with responsibilities for regulating the security
17 of entities that own or operate critical infrastructure
18 shall—
19 (1) not later than 90 days after the date of en20
actment of this Act, conduct a top-level assessment
21 of the cybersecurity threats, vulnerabilities, risks,
22 and probability of a catastrophic incident across all
23 critical infrastructure sectors to determine which
24 sectors pose the greatest immediate risk, in order to
9
HEN12160 S.L.C.
1 guide the allocation of resources for the implementa2
tion of this Act; and
3 (2) beginning with the highest priority sectors
4 identified under paragraph (1), conduct, on an ongo5
ing, sector-by-sector basis, cyber risk assessments of
6 the critical infrastructure in a manner that—
7 (A) uses state-of-the art threat modeling,
8 simulation, and analysis techniques;
9 (B) incorporates, as appropriate, any exist10
ing similar risk assessments; and
11 (C) considers—
12 (i) the actual or assessed threat, in13
cluding consideration of adversary capabili14
ties and intent, intrusion techniques, pre15
paredness, target attractiveness, and deter16
rence capabilities;
17 (ii) the extent and likelihood of death,
18 injury, or serious adverse effects to human
19 health and safety caused by damage or un20
authorized access to critical infrastructure;
21 (iii) the threat to or impact on na22
tional security caused by damage or unau23
thorized access to critical infrastructure;
24 (iv) the extent to which damage or
25 unauthorized access to critical infrastruc10
HEN12160 S.L.C.
1 ture will disrupt the reliable operation of
2 other critical infrastructure;
3 (v) the harm to the economy that
4 would result from damage or unauthorized
5 access to critical infrastructure;
6 (vi) the risk of national or regional
7 catastrophic damage within the United
8 States caused by damage or unauthorized
9 access to information infrastructure lo10
cated outside the United States;
11 (vii) the overall preparedness and re12
silience of each sector against damage or
13 unauthorized access to critical infrastruc14
ture, including the effectiveness of market
15 forces at driving security innovation and
16 secure practices; and
17 (viii) any other risk-based security
18 factors appropriate and necessary to pro19
tect public health and safety, critical infra20
structure, or national and economic secu21
rity.
22 (b) INPUT OF OWNERS AND OPERATORS.—
23 (1) IN GENERAL.—The Secretary shall—
24 (A) establish a process under which enti25
ties that own or operate critical infrastructure
11
HEN12160 S.L.C.
1 and other relevant private sector experts pro2
vide input into the risk assessments conducted
3 under this section; and
4 (B) seek and incorporate private sector ex5
pertise available through established public-pri6
vate partnerships, including the Critical Infra7
structure Partnership Advisory Council and ap8
propriate Information Sharing and Analysis Or9
ganizations.
10 (2) PROTECTION OF INFORMATION.—Any infor11
mation submitted as part of the process established
12 under paragraph (1) shall be protected in accord13
ance with section 107.
14 (c) METHODOLOGIES FOR ASSESSING INFORMATION
15 SECURITY RISK.—The Secretary and the Director of the
16 National Institute of Standards and Technology, in con17
sultation with entities that own or operate critical infra18
structure and relevant private sector and academic ex19
perts, shall—
20 (1) develop repeatable, qualitative, and quan21
titative methodologies for assessing information se22
curity risk; or
23 (2) use methodologies described in paragraph
24 (1) that are in existence on the date of enactment
12
HEN12160 S.L.C.
1 of this Act and make the methodologies publicly
2 available.
3 (d) SUBMISSION OF RISK ASSESSMENTS.—The Sec4
retary shall submit each risk assessment conducted under
5 this section, in a classified or unclassified form as nec6
essary, to—
7 (1) the President;
8 (2) appropriate Federal agencies; and
9 (3) appropriate congressional committees.
10 SEC. 103. PROCEDURE FOR DESIGNATION OF COVERED
11 CRITICAL INFRASTRUCTURE.
12 (a) RESPONSIBILITY FOR DESIGNATION OF COVERED
13 CRITICAL INFRASTRUCTURE.—
14 (1) IN GENERAL.—The Secretary, in consulta15
tion with entities that own or operate critical infra16
structure, the Critical Infrastructure Partnership
17 Advisory Council, appropriate Information Sharing
18 and Analysis Organizations, and other appropriate
19 representatives of State and local governments, shall
20 establish a procedure for the designation of critical
21 infrastructure, on a sector-by-sector basis, as cov22
ered critical infrastructure for the purposes of this
23 Act.
24 (2) DUTIES.—In establishing the procedure
25 under paragraph (1), the Secretary shall—
13
HEN12160 S.L.C.
1 (A) prioritize the efforts of the Depart2
ment based on the prioritization established
3 under section 102(a)(1);
4 (B) incorporate, to the extent practicable,
5 the input of entities that own or operate critical
6 infrastructure, the Critical Infrastructure Part7
nership Advisory Council, appropriate Informa8
tion Sharing and Analysis Organizations, and
9 other appropriate representatives of the private
10 sector and State and local governments;
11 (C) coordinate with the head of the sector12
specific agency with responsibility for critical
13 infrastructure and the head of any Federal
14 agency with responsibilities for regulating the
15 security of critical infrastructure;
16 (D) develop a mechanism for owners to
17 submit information to assist the Secretary in
18 making determinations under this section; and
19 (E) periodically, but not less often than
20 annually, review and update designations under
21 this section.
22 (b) DESIGNATION OF COVERED CRITICAL INFRA23
STRUCTURE.—
14
HEN12160 S.L.C.
1 (1) GUIDELINES FOR DESIGNATION.—In desig2
nating covered critical infrastructure for the pur3
poses of this Act, the Secretary shall—
4 (A) designate covered critical infrastruc5
ture on a sector-by-sector basis and at the sys6
tem or asset level;
7 (B) inform owners of the criteria used to
8 identify covered critical infrastructure;
9 (C) only designate a system or asset as
10 covered critical infrastructure if damage or un11
authorized access to that system or asset could
12 reasonably result in—
13 (i) the interruption of life-sustaining
14 services, including energy, water, transpor15
tation, emergency services, or food, suffi16
cient to cause—
17 (I) a mass casualty event that in18
cludes an extraordinary number of fa19
talities; or
20 (II) mass evacuations with a pro21
longed absence;
22 (ii) catastrophic economic damage to
23 the United States including—
15
HEN12160 S.L.C.
1 (I) failure or substantial disrup2
tion of a United States financial mar3
ket;
4 (II) incapacitation or sustained
5 disruption of a transportation system;
6 or
7 (III) other systemic, long-term
8 damage to the United States economy;
9 or
10 (iii) severe degradation of national se11
curity or national security capabilities, in12
cluding intelligence and defense functions;
13 and
14 (D) consider the sector-by-sector risk as15
sessments developed in accordance with section
16 102.
17 (2) LIMITATIONS.—The Secretary may not des18
ignate as covered critical infrastructure under this
19 section—
20 (A) a system or asset based solely on ac21
tivities protected by the first amendment to the
22 Constitution of the United States;
23 (B) an information technology product or
24 service based solely on a finding that the prod16
HEN12160 S.L.C.
1 uct or service is capable of, or is actually, being
2 used in covered critical infrastructure;
3 (C) a commercial information technology
4 product, including hardware and software; or
5 (D) any service provided in support of a
6 product specified in subparagraph (C), includ7
ing installation services, maintenance services,
8 repair services, training services, and any other
9 services provided in support of the product.
10 (3) NOTIFICATION OF IDENTIFICATION OF SYS11
TEM OR ASSET.—Not later than 30 days after the
12 Secretary designates a system or asset as covered
13 critical infrastructure under this section, the Sec14
retary shall notify the owner of the system or asset
15 that was designated and the basis for the designa16
tion.
17 (4) SELF-DESIGNATION OF SYSTEM OR ASSET
18 AS COVERED CRITICAL INFRASTRUCTURE.—The
19 owner of a system or asset may request that the sys20
tem or asset be designated as covered critical infra21
structure under this section if the owner determines
22 that the system or asset meets the criteria for des23
ignation.
24 (5) SYSTEM OR ASSET NO LONGER COVERED
25 CRITICAL INFRASTRUCTURE.—
17
HEN12160 S.L.C.
1 (A) IN GENERAL.—If the Secretary deter2
mines that any system or asset that was des3
ignated as covered critical infrastructure under
4 this section no longer constitutes covered crit5
ical infrastructure, the Secretary shall promptly
6 notify the owner of that system or asset of that
7 determination.
8 (B) SELF-DESIGNATION.—If an owner de9
termines that an asset or system previously
10 self-designated as covered critical infrastructure
11 under paragraph (4) no longer meets the cri12
teria for designation, the owner shall notify the
13 Secretary of this determination and submit to
14 the redress process under subsection (c).
15 (6) DEFINITION.—In this subsection, the term
16 ‘‘damage’’ has the meaning given that term in sec17
tion 1030(e) of title 18, United States Code.
18 (c) REDRESS.—
19 (1) IN GENERAL.—Subject to paragraphs (2)
20 and (3), the Secretary shall develop a mechanism,
21 consistent with subchapter II of chapter 5 of title 5,
22 United States Code, for an owner notified under
23 subsection (b)(3) or for an owner that self-des24
ignates under subsection (b)(4) to request that the
25 Secretary review—
18
HEN12160 S.L.C.
1 (A) the designation of a system or asset as
2 covered critical infrastructure;
3 (B) the rejection of the self-designation of
4 an owner of a system or asset as covered crit5
ical infrastructure; or
6 (C) a determination under subsection
7 (b)(5)(B).
8 (2) APPEAL TO FEDERAL COURT.—A civil ac9
tion seeking judicial review of a final agency action
10 taken under the mechanism developed under para11
graph (1) shall be filed in the United States District
12 Court for the District of Columbia.
13 (3) COMPLIANCE.—An owner shall comply with
14 this title relating to covered critical infrastructure
15 until such time as the critical infrastructure is no
16 longer designated as covered critical infrastructure,
17 based on—
18 (A) an appeal under paragraph (1);
19 (B) a determination of the Secretary unre20
lated to an appeal; or
21 (C) a final judgment entered in a civil ac22
tion seeking judicial review brought in accord23
ance with paragraph (2).
19
HEN12160 S.L.C.
1 SEC. 104. SECTOR-BY-SECTOR RISK-BASED CYBERSECURITY
2 PERFORMANCE REQUIREMENTS.
3 (a) PURPOSE.—The purpose of this section is to se4
cure the critical infrastructure of the Nation while pro5
moting and protecting private sector innovation in design
6 and development of technology for the global market for
7 commercial information technology products, including
8 hardware and software and related products and services.
9 (b) PERFORMANCE REQUIREMENTS.—The Secretary,
10 in consultation with owners and operators, the Critical In11
frastructure Partnership Advisory Council, and appro12
priate Information Sharing and Analysis Organizations,
13 and in coordination with the National Institute of Stand14
ards and Technology, the Director of the National Secu15
rity Agency, sector-specific agencies, appropriate rep16
resentatives from State and local governments, and other
17 Federal agencies with responsibilities for regulating the
18 security of covered critical infrastructure, shall identify or
19 develop, on a sector-by-sector basis, risk-based cybersecu20
rity performance requirements (referred to in this section
21 as ‘‘performance requirements’’) that—
22 (1) require owners to remediate or mitigate
23 identified cyber risks and any associated con24
sequences identified under section 102(a) or other25
wise; and
20
HEN12160 S.L.C.
1 (2) do not permit any Federal employee or
2 agency to—
3 (A) regulate commercial information tech4
nology products, including hardware and soft5
ware and related services, including installation
6 services, maintenance services, repair services,
7 training services, and any other services pro8
vided in support of the product;
9 (B) require commercial information tech10
nology products, including hardware and soft11
ware and related services, for use or non-use in
12 covered critical infrastructure; or
13 (C) regulate the design, development, man14
ufacturing, or attributes of commercial informa15
tion technology products, including hardware
16 and software and related services, for use or
17 non-use in covered critical infrastructure.
18 (c) LIMITATION.—If the Secretary determines that
19 there are regulations in effect on the date of enactment
20 of this Act that apply to covered critical infrastructure and
21 that address some or all of the risks identified under sec22
tion 102, the Secretary shall identify or develop perform23
ance requirements under this section only if the regula24
tions do not require an appropriate level of security.
21
HEN12160 S.L.C.
1 (d) IDENTIFICATION AND DEVELOPMENT OF PER2
FORMANCE REQUIREMENTS.—In establishing the per3
formance requirements under this section, the Secretary
4 shall—
5 (1) establish a process for entities that own or
6 operate critical infrastructure, voluntary consensus
7 standards development organizations, representatives
8 of State and local government, and the private sec9
tor, including sector coordinating councils and ap10
propriate Information Sharing and Analysis Organi11
zations to propose performance requirements;
12 (2) identify existing industry practices, stand13
ards, and guidelines; and
14 (3) select and adopt performance requirements
15 submitted under paragraph (1) or identified under
16 paragraph (2) that satisfy other provisions of this
17 section.
18 (e) REQUIREMENT.—If the Secretary determines that
19 none of the performance requirements submitted or identi20
fied under paragraphs (1) and (2) of subsection (d) satisfy
21 the other provisions of this section, the Secretary shall,
22 in consultation with owners and operators, the Critical In23
frastructure Partnership Advisory Council, and appro24
priate Information Sharing and Analysis Organizations,
25 and in coordination with the National Institute of Stand22
HEN12160 S.L.C.
1 ards and Technology, the Director of the National Secu2
rity Agency, sector-specific agencies, and other Federal
3 agencies with responsibilities for regulating the security
4 of covered critical infrastructure, develop satisfactory per5
formance requirements.
6 (f) EXEMPTION AUTHORITY.—
7 (1) IN GENERAL.—The President, in consulta8
tion with the Director of the Office of Management
9 and Budget, may exempt an appropriate part of cov10
ered critical infrastructure from the requirements of
11 this title if the President determines that a sector12
specific regulatory agency has sufficient specific re13
quirements and enforcement mechanisms to effec14
tively mitigate the risks identified under section 102.
15 (2) RECONSIDERATION.—The President may
16 reconsider any exemption under paragraph (1) as
17 appropriate.
18 (g) CONSIDERATION.—The Secretary, in establishing
19 performance requirements under this section, shall take
20 into consideration available resources and anticipated con21
sequences of a cyber attack.
22 SEC. 105. SECURITY OF COVERED CRITICAL INFRASTRUC23
TURE.
24 (a) IN GENERAL.—Not later than 1 year after the
25 date of enactment of this Act, the Secretary, in consulta23
HEN12160 S.L.C.
1 tion with owners and operators, and the Critical Infra2
structure Partnership Advisory Council, and in coordina3
tion with sector-specific agencies and other Federal agen4
cies with responsibilities for regulating the security of cov5
ered critical infrastructure, shall promulgate regulations
6 to enhance the security of covered critical infrastructure
7 against cyber risks.
8 (b) RESPONSIBILITIES.—The regulations promul9
gated under this section shall establish procedures under
10 which—
11 (1) each owner—
12 (A) is regularly informed of cyber risk as13
sessments, identified cybersecurity threats, and
14 the risk-based security performance require15
ments appropriate to the sector of the owner es16
tablished under section 104;
17 (B) selects and implements the cybersecu18
rity measures the owner determines to be best
19 suited to satisfy the risk-based cybersecurity
20 performance requirements established under
21 section 104;
22 (C) develop or update continuity of oper23
ations and incident response plans; and
24
HEN12160 S.L.C.
1 (D) shall report, consistent with the pro2
tections in section 107, significant cyber inci3
dents affecting covered critical infrastructure;
4 (2) the Secretary and each Federal agency with
5 responsibilities for regulating the security of covered
6 critical infrastructure, is notified of the security
7 measure or measures selected by an owner in accord8
ance with paragraph (1)(B); and
9 (3) the Secretary—
10 (A) identifies, in consultation with owners
11 and operators, cyber risks that are not capable
12 of effective remediation or mitigation using
13 available standards, industry practices or other
14 available security measures;
15 (B) provides owners the opportunity to de16
velop practices or security measures to reme17
diate or mitigate the cyber risks identified in
18 section 102 without the prior approval of the
19 Secretary and without affecting the compliance
20 of the covered critical infrastructure with the
21 requirements under this section;
22 (C) in accordance with applicable law relat23
ing to the protection of trade secrets, permits
24 owners and operators to report to the Secretary
25 the development of effective practices or secu25
HEN12160 S.L.C.
1 rity measures to remediate or mitigate the
2 cyber risks identified under section 102; and
3 (D) shall develop, in conjunction with the
4 Secretary of Defense and the Director of Na5
tional Intelligence and in coordination with
6 owners and operators, a procedure for ensuring
7 that owners and operators are, to the maximum
8 extent practicable and consistent with the pro9
tection of sources and methods, informed of rel10
evant real-time threat information.
11 (c) ENFORCEMENT.—
12 (1) REQUIREMENTS.—The regulations promul13
gated under this section shall establish procedures
14 that—
15 (A) require each owner—
16 (i) to certify, on an annual basis, in
17 writing to the Secretary and the head of
18 the Federal agency with responsibilities for
19 regulating the security of the covered crit20
ical infrastructure whether the owner has
21 developed and effectively implemented se22
curity measures sufficient to satisfy the
23 risk-based security performance require24
ments established under section 104; or
26
HEN12160 S.L.C.
1 (ii) to submit a third-party assess2
ment in accordance with subsection (d), on
3 an annual basis;
4 (B) provide for civil penalties for any per5
son who—
6 (i) violates this section; and
7 (ii) fails to remediate such violation in
8 an appropriate timeframe; and
9 (C) do not confer upon any person, except
10 the Federal agency with responsibilities for reg11
ulating the security of the covered critical infra12
structure and the Secretary, a right of action
13 against an owner or operator to enforce any
14 provision of this section.
15 (2) PROPOSED SECURITY MEASURES.—An
16 owner may select any security measures that satisfy
17 the risk-based security performance requirements es18
tablished under section 104.
19 (3) RECOMMENDED SECURITY MEASURES.—
20 Upon request from an owner or operator, the Sec21
retary may recommend a specific security measure
22 that the Secretary believes will satisfy the risk-based
23 security performance requirements established under
24 section 104.
27
HEN12160 S.L.C.
1 (4) SECURITY AND PERFORMANCE-BASED EX2
EMPTIONS.—
3 (A) IN GENERAL.—The Secretary shall de4
velop a process for an owner to demonstrate
5 that—
6 (i) a covered system or asset is suffi7
ciently secured against the risks identified
8 in section 102; or
9 (ii) compliance with risk-based per10
formance requirements developed under
11 section 104 would not substantially im12
prove the security of the covered system or
13 asset.
14 (B) EXEMPTION AUTHORITY.—Upon a de15
termination by the Secretary that a covered sys16
tem or asset is sufficiently secured against the
17 risks identified in section 102, or that compli18
ance with risk based performance requirements
19 developed under section 104 would not substan20
tially improve the security of the system or
21 asset, the Secretary may not require the owner
22 to select or implement cybersecurity measures
23 or submit an annual certification or third party
24 assessment as required under this Act.
28
HEN12160 S.L.C.
1 (C) REQUIREMENT.—The Secretary shall
2 require an owner that was exempted under sub3
paragraph (B) to demonstrate that the covered
4 system or asset of the owner is sufficiently se5
cured against the risks identified in section
6 102, or that compliance with risk based per7
formance requirements developed under section
8 104 would not substantially improve the secu9
rity of the system or asset—
10 (i) not less than once every 3 years; or
11 (ii) if the Secretary has reason to be12
lieve that the covered system or asset no
13 longer meets the exemption qualifications
14 under subparagraph (B).
15 (5) ENFORCEMENT ACTIONS.—An action to en16
force any regulation promulgated pursuant to this
17 section shall be initiated by—
18 (A) the Federal agency with responsibil19
ities for regulating the security of the covered
20 critical infrastructure, in consultation with the
21 Secretary; or
22 (B) the Secretary, when—
23 (i) the covered critical infrastructure
24 is not subject to regulation by another
25 Federal agency;
29
HEN12160 S.L.C.
1 (ii) the head of the Federal agency
2 with responsibilities for regulating the se3
curity of the covered critical infrastructure
4 requests the Secretary take such action; or
5 (iii) the Federal agency with respon6
sibilities for regulating the security of the
7 covered critical infrastructure fails to ini8
tiate such action after a request by the
9 Secretary.
10 (d) ASSESSMENTS.—
11 (1) THIRD-PARTY ASSESSMENTS.—The regula12
tions promulgated under this section shall establish
13 procedures for third-party private entities to conduct
14 assessments that use reliable, repeatable, perform15
ance-based evaluations and metrics to—
16 (A) assess the implementation of the se17
lected security measures;
18 (B) assess the effectiveness of the security
19 measure or measures implemented by the owner
20 in satisfying the risk-based security perform21
ance requirements established under section
22 104;
23 (C) require that third party assessors—
24 (i) be certified by the Secretary, in
25 consultation with the head of any Federal
30
HEN12160 S.L.C.
1 agency with responsibilities for regulating
2 the security of covered critical infrastruc3
ture, after completing a proficiency pro4
gram established by the Secretary in con5
sultation with owners and operators, the
6 Critical Infrastructure Partnership Advi7
sory Council, appropriate Information
8 Sharing and Analysis Organizations, and
9 in coordination with the Director of the
10 National Institute of Standards and Tech11
nology, and relevant Federal agencies;
12 (ii) undergo regular retraining and
13 certification;
14 (iii) provide the findings of the third
15 party assessors to the owners and opera16
tors; and
17 (iv) submit each independent assess18
ment to the owner, the Secretary, and to
19 the Federal agency with responsibilities for
20 regulating the security of the covered crit21
ical infrastructure.
22 (2) OTHER ASSESSMENTS.—The regulations
23 promulgated under this section shall establish proce24
dures under which the Secretary—
31
HEN12160 S.L.C.
1 (A) may perform cybersecurity assessments
2 of selected covered critical infrastructure, in
3 consultation with relevant agencies, based on—
4 (i) the specific cyber risks affecting or
5 potentially affecting the information infra6
structure of the specific system or asset
7 constituting covered critical infrastructure;
8 (ii) any reliable intelligence or other
9 information indicating a cyber risk to the
10 information infrastructure of the specific
11 system or asset constituting covered crit12
ical infrastructure;
13 (iii) actual knowledge or reasonable
14 suspicion that an owner is not in compli15
ance with risk-based security performance
16 requirements established under section
17 104; or
18 (iv) such other risk-based factors as
19 identified by the Secretary; and
20 (B) may use the resources of any relevant
21 Federal agency with the concurrence of the
22 head of such agency;
23 (C) to the extent practicable uses govern24
ment and private sector information security
25 assessment programs that were in existence on
32
HEN12160 S.L.C.
1 the date of enactment of this Act to conduct as2
sessments; and
3 (D) provides copies of any Federal Govern4
ment assessments to the owner of the covered
5 system or asset.
6 (3) ACCESS TO INFORMATION.—
7 (A) IN GENERAL.—For the purposes of an
8 assessment conducted under paragraph (1) or
9 (2), an owner or operator shall provide an as10
sessor any reasonable access necessary to com11
plete the assessment.
12 (B) PROTECTION OF INFORMATION.—In13
formation provided to the Secretary, the Sec14
retary’s designee, or any assessor during the
15 course of an assessment under this section shall
16 be protected from disclosure in accordance with
17 section 107.
18 (e) LIMITATIONS ON CIVIL LIABILITY.—
19 (1) IN GENERAL.—Except as provided in para20
graph (2), in any civil action for damages directly
21 caused by an incident related to a cyber risk identi22
fied under section 102, an owner or operator shall
23 not be liable for any punitive damages intended to
24 punish or deter if the owner or operator—
33
HEN12160 S.L.C.
1 (A) has implemented security measures, or
2 a combination thereof, that satisfy the security
3 performance requirements established under
4 section 104;
5 (B) has undergone successful assessments,
6 submitted an annual certification or third party
7 assessment required by subsection (c)(1), or
8 been granted an exemption in accordance with
9 subsection (c)(4); and
10 (C) is in substantial compliance with the
11 appropriate risk based cybersecurity perform12
ance requirements at the time of the incident
13 related to that cyber risk.
14 (2) LIMITATION.—Paragraph (1) shall only
15 apply to harm directly caused by the incident related
16 to the cyber risk and shall not apply to damages
17 caused by any additional or intervening acts or omis18
sions by the owner or operator.
19 SEC. 106. SECTOR-SPECIFIC AGENCIES.
20 (a) IN GENERAL.—The head of each sector-specific
21 agency and the head of any Federal agency that is not
22 a sector-specific agency with responsibilities for regulating
23 the security of covered critical infrastructure shall coordi24
nate with the Secretary on any activities of the sector25
specific agency or Federal agency that relate to the efforts
34
HEN12160 S.L.C.
1 of the agency regarding the cybersecurity and resiliency
2 to cyber attack of critical infrastructure and covered crit3
ical infrastructure, within or under the supervision of the
4 agency.
5 (b) DUPLICATIVE REPORTING REQUIREMENTS.—
6 (1) IN GENERAL.—The Secretary shall coordi7
nate with the head of each sector-specific agency and
8 the head of any Federal agency that is not a sector9
specific agency with responsibilities for regulating
10 the security of covered critical infrastructure to de11
termine whether reporting requirements in effect on
12 the date of enactment of this Act substantially fulfill
13 any reporting requirements described in this title.
14 (2) PRIOR REQUIRED REPORTS.—If the Sec15
retary determines that a report that was required
16 under a regulatory regime in existence on the date
17 of enactment of this Act substantially satisfies a re18
porting requirement under this title, the Secretary
19 shall use such report and may not require an owner
20 or operator to submit an additional report.
21 (3) COORDINATION.—The Secretary shall co22
ordinate with the head of each sector-specific agency
23 and the head of any Federal agency that is not a
24 sector-specific agency with responsibilities for regu25
lating the security of covered critical infrastructure
35
HEN12160 S.L.C.
1 to eliminate any duplicate reporting or compliance
2 requirements relating to the security or resiliency of
3 critical infrastructure and covered critical infrastruc4
ture, within or under the supervision of the agency.
5 (c) REQUIREMENTS.—
6 (1) IN GENERAL.—To the extent that the head
7 of each sector-specific agency and the head of any
8 Federal agency that is not a sector-specific agency
9 with responsibilities for regulating the security of
10 covered critical infrastructure has the authority to
11 establish regulations, rules, or requirements or other
12 required actions that are applicable to the security
13 of critical infrastructure and covered critical infra14
structure, the head of the agency shall—
15 (A) notify the Secretary in a timely fashion
16 of the intent to establish the regulations, rules,
17 requirements, or other required actions;
18 (B) coordinate with the Secretary to en19
sure that the regulations, rules, requirements,
20 or other required actions are consistent with,
21 and do not conflict or impede, the activities of
22 the Secretary under this title; and
23 (C) in coordination with the Secretary, en24
sure that the regulations, rules, requirements,
25 or other required actions are implemented, as
36
HEN12160 S.L.C.
1 they relate to covered critical infrastructure, in
2 accordance with subsection (a).
3 (2) RULE OF CONSTRUCTION.—Nothing in this
4 section shall be construed to provide additional au5
thority for any sector-specific agency or any Federal
6 agency that is not a sector-specific agency with re7
sponsibilities for regulating the security of critical
8 infrastructure or covered critical infrastructure to
9 establish standards or other measures that are appli10
cable to the security of critical infrastructure not
11 otherwise authorized by law.
12 SEC. 107. PROTECTION OF INFORMATION.
13 (a) DEFINITION.—In this section, the term ‘‘covered
14 information’’—
15 (1) means—
16 (A) any information that constitutes a
17 privileged or confidential trade secret or com18
mercial or financial transaction that is appro19
priately marked at the time it is provided by
20 entities that own or operate critical infrastruc21
ture in sector-by-sector risk assessments con22
ducted under section 102;
23 (B) any information required to be sub24
mitted by owners and operators under section
25 105; and
37
HEN12160 S.L.C.
1 (C) any information submitted by State
2 and local governments, private entities, and
3 international partners of the United States re4
garding threats, vulnerabilities, risks, and inci5
dents affecting—
6 (i) the Federal information infrastruc7
ture;
8 (ii) information infrastructure that is
9 owned, operated, controlled, or licensed for
10 use by, or on behalf of, the Department of
11 Defense, a military department, or another
12 element of the intelligence community; or
13 (iii) critical infrastructure; and
14 (2) does not include any information described
15 under paragraph (1), if that information is sub16
mitted to—
17 (A) conceal violations of law, inefficiency,
18 or administrative error;
19 (B) prevent embarrassment to a person,
20 organization, or agency; or
21 (C) interfere with competition in the pri22
vate sector.
23 (b) VOLUNTARILY SHARED CRITICAL INFRASTRUC24
TURE INFORMATION.—Covered information submitted in
25 accordance with this section shall be treated as voluntarily
38
HEN12160 S.L.C.
1 shared critical infrastructure information under section
2 214 of the Homeland Security Act (6 U.S.C. 133), except
3 that the requirement of such section 214 that the informa4
tion be voluntarily submitted, including the requirement
5 for an express statement, shall not be required for protec6
tion of information under this section to apply.
7 (c) GUIDELINES.—
8 (1) IN GENERAL.—Subject to paragraph (2),
9 the Secretary shall develop and issue guidelines, in
10 consultation with the Attorney General and the Crit11
ical Infrastructure Partnership Advisory Council, ap12
propriate Information Sharing and Analysis Organi13
zations, as necessary to implement this section.
14 (2) REQUIREMENTS.—The guidelines developed
15 under this section shall—
16 (A) include provisions for the sharing of
17 information among governmental and non18
governmental officials and entities in further19
ance of carrying out the authorities and respon20
sibilities of the Secretary;
21 (B) be consistent, to the maximum extent
22 possible, with policy guidance and implementa23
tion standards developed by the National Ar24
chives and Records Administration for con25
trolled unclassified information, including with
39
HEN12160 S.L.C.
1 respect to marking, safeguarding, dissemina2
tion, and dispute resolution; and
3 (C) describe, with as much detail as pos4
sible, the categories and type of information en5
tities should voluntarily submit.
6 (d) PROCESS FOR REPORTING SECURITY THREATS,
7 VULNERABILITIES, RISKS, AND INCIDENTS.—
8 (1) ESTABLISHMENT OF PROCESS.—The Sec9
retary shall establish through regulation, and pro10
vide information to the public regarding, a process
11 by which any person may submit a report to the
12 Secretary regarding cybersecurity threats,
13 vulnerabilities, risks, and incidents affecting—
14 (A) the Federal information infrastructure;
15 (B) information infrastructure that is
16 owned, operated, controlled, or licensed for use
17 by, or on behalf of, the Department of Defense,
18 a military department, or another element of
19 the intelligence community; or
20 (C) critical infrastructure.
21 (2) ACKNOWLEDGMENT OF RECEIPT.—If a re22
port submitted under paragraph (1) includes the
23 identity of the person making the report, the Sec24
retary shall respond promptly to the person and ac25
knowledge receipt of the report.
40
HEN12160 S.L.C.
1 (3) STEPS TO ADDRESS PROBLEM.—Consistent
2 with existing authority, the Secretary shall review
3 and consider the information provided in any report
4 submitted under paragraph (1) and, at the sole,
5 unreviewable discretion of the Secretary, determine
6 what, if any, steps are necessary or appropriate to
7 address any threats, vulnerabilities, risks, and inci8
dents identified.
9 (4) DISCLOSURE OF IDENTITY.—
10 (A) IN GENERAL.—Except as provided in
11 subparagraph (B), or with the written consent
12 of the person, the Secretary may not disclose
13 the identity of a person who has provided infor14
mation described in paragraph (1).
15 (B) REFERRAL TO THE ATTORNEY GEN16
ERAL.—
17 (i) IN GENERAL.—The Secretary shall
18 disclose to the Attorney General the iden19
tity of a person who has provided informa20
tion described in paragraph (1) if the mat21
ter is referred to the Attorney General for
22 enforcement.
23 (ii) NOTICE.—The Secretary shall
24 provide reasonable advance notice to the
25 person described in clause (i) if disclosure
41
HEN12160 S.L.C.
1 of that person’s identity is to occur, unless
2 such notice would risk compromising a
3 criminal or civil enforcement investigation
4 or proceeding.
5 (e) RULES OF CONSTRUCTION.—Nothing in this sec6
tion shall be construed to—
7 (1) limit or otherwise affect the right, ability,
8 duty, or obligation of any entity to use or disclose
9 any information of that entity, including in the con10
duct of any judicial or other proceeding;
11 (2) prevent the classification of information
12 submitted under this section if that information
13 meets the standards for classification under Execu14
tive Order 12958, or any successor thereto, or affect
15 measures and controls relating to the protection of
16 classified information as prescribed by Federal stat17
ute or under Executive Order 12958, or any suc18
cessor thereto;
19 (3) limit the right of an individual to make any
20 disclosure—
21 (A) protected or authorized under section
22 2302(b)(8) or 7211 of title 5, United States
23 Code;
24 (B) to an appropriate official of informa25
tion that the individual reasonably believes evi42
HEN12160 S.L.C.
1 dences a violation of any law, rule, or regula2
tion, gross mismanagement, or substantial and
3 specific danger to public health, safety, or secu4
rity, and that is protected under any Federal or
5 State law (other than those referenced in sub6
paragraph (A)) that shields the disclosing indi7
vidual against retaliation or discrimination for
8 having made the disclosure if such disclosure is
9 not specifically prohibited by law and if such in10
formation is not specifically required by Execu11
tive order to be kept secret in the interest of
12 national defense or the conduct of foreign af13
fairs; or
14 (C) to the Special Counsel, the Inspector
15 General of an agency, or any other employee
16 designated by the head of an agency to receive
17 similar disclosures;
18 (4) prevent the Secretary from using informa19
tion required to be submitted under this Act for en20
forcement of this title, including enforcement pro21
ceedings subject to appropriate safeguards;
22 (5) authorize information to be withheld from
23 Congress, the Comptroller General, or the Inspector
24 General of the Department;
43
HEN12160 S.L.C.
1 (6) affect protections afforded to trade secrets
2 under any other provision of law; or
3 (7) create a private right of action for enforce4
ment of any provision of this section.
5 (f) AUDIT.—
6 (1) IN GENERAL.—Not later than 1 year after
7 the date of enactment of this Act, the Inspector
8 General of the Department shall conduct an audit of
9 the management of information submitted under
10 this section and report the findings to appropriate
11 committees of Congress.
12 (2) CONTENTS.—The audit under paragraph
13 (1) shall include assessments of—
14 (A) whether the information is adequately
15 safeguarded against inappropriate disclosure;
16 (B) the processes for marking and dissemi17
nating the information and resolving any dis18
putes;
19 (C) how the information is used for the
20 purposes of this section, and whether that use
21 is effective;
22 (D) whether information sharing has been
23 effective to fulfill the purposes of this section;
44
HEN12160 S.L.C.
1 (E) whether the kinds of information sub2
mitted have been appropriate and useful, or
3 overbroad or overnarrow;
4 (F) whether the information protections
5 allow for adequate accountability and trans6
parency of the regulatory, enforcement, and
7 other aspects of implementing this title; and
8 (G) any other factors at the discretion of
9 the Inspector General.
10 SEC. 108. VOLUNTARY TECHNICAL ASSISTANCE.
11 Subject to the availability of resources, in accordance
12 with applicable law relating to the protection of trade se13
crets, and at the discretion of the Secretary, the Secretary
14 shall provide voluntary technical assistance at the request
15 of an owner or operator of covered critical infrastructure,
16 to assist the owner or operator in meeting the require17
ments of section 105, including implementing required se18
curity or emergency measures, restoring the critical infra19
structure in the event of destruction or serious disruption,
20 and developing emergency response plans.
21 SEC. 109. EMERGENCY PLANNING.
22 (a) EMERGENCY PLANNING.—In partnership with
23 owners and operators, the Secretary, in coordination with
24 the heads of sector-specific agencies and the heads of other
25 Federal agencies with responsibilities for regulating the
45
HEN12160 S.L.C.
1 security of covered critical infrastructure, shall exercise re2
sponse and restoration plans, including plans required
3 under section 105(b) to—
4 (1) assess performance and improve the capa5
bilities and procedures of government and private
6 sector entities to respond to a major cyber incident;
7 and
8 (2) clarify specific roles, responsibilities, and
9 authorities of government and private sector entities
10 when responding to a major cyber incident.
11 SEC. 110. INTERNATIONAL COOPERATION.
12 (a) IN GENERAL.—The Secretary, in coordination
13 with the Secretary of State or the head of the sector-spe14
cific agencies and the head of any Federal agency with
15 responsibilities for regulating the security of covered crit16
ical infrastructure, shall—
17 (1) consistent with the protection of intelligence
18 sources and methods and other sensitive matters, in19
form the owner or operator of information infra20
structure located outside the United States the dis21
ruption of which could result in national or regional
22 catastrophic damage within the United States and
23 the government of the country in which the informa24
tion infrastructure is located of any cyber risks to
25 such information infrastructure; and
46
HEN12160 S.L.C.
1 (2) coordinate with the government of the coun2
try in which such information infrastructure is lo3
cated and, as appropriate, the owner or operator of
4 the information infrastructure regarding the imple5
mentation of security measures or other measures to
6 the information infrastructure to mitigate or reme7
diate cyber risks.
8 (b) INTERNATIONAL AGREEMENTS.—The Secretary,
9 in coordination with the Secretary of State, including in
10 particular with the interpretation of international agree11
ments, shall perform the functions prescribed by this sec12
tion consistent with applicable international agreements.
13 SEC. 111. EFFECT ON OTHER LAWS.
14 (a) PREEMPTION OF STATE CYBERSECURITY
15 LAWS.—This Act shall supersede any statute, provision of
16 a statute, regulation, or rule of a State or political subdivi17
sion of a State that expressly requires comparable cyberse18
curity practices to protect covered critical infrastructure.
19 (b) PRESERVATION OF OTHER STATE LAW.—Except
20 as expressly provided in subsection (a) and section 105(e),
21 nothing in this Act shall be construed to preempt the ap22
plicability of any other State law or requirement.
47
HEN12160 S.L.C.
1 TITLE II—PROTECTING
2 GOVERNMENT NETWORKS
3 SEC. 201. FISMA REFORM.
4 (a) IN GENERAL.—Chapter 35 of title 44, United
5 States Code, is amended by striking subchapters II and
6 III and inserting the following:
7 ‘‘SUBCHAPTER II—INFORMATION SECURITY
8 ‘‘§ 3551. Purposes
9 ‘‘The purposes of this subchapter are to—
10 ‘‘(1) provide a comprehensive framework for en11
suring the effectiveness of information security con12
trols over information resources that support Fed13
eral operations and assets;
14 ‘‘(2) recognize the highly networked nature of
15 the Federal computing environment and provide ef16
fective governmentwide management of policies, di17
rectives, standards, and guidelines, as well as effec18
tive and nimble oversight of and response to infor19
mation security risks, including coordination of in20
formation security efforts throughout the Federal ci21
vilian, national security, and law enforcement com22
munities;
23 ‘‘(3) provide for development and maintenance
24 of controls required to protect agency information
25 and information systems and contribute to the over48
HEN12160 S.L.C.
1 all improvement of agency information security pos2
ture; and
3 ‘‘(4) provide a mechanism to improve and con4
tinuously monitor the security of agency information
5 security programs and systems through a focus on
6 continuous monitoring of agency information sys7
tems and streamlined reporting requirements rather
8 than overly prescriptive manual reporting.
9 ‘‘§ 3552. Definitions
10 ‘‘(a) IN GENERAL.—Except as provided under sub11
section (b), the definitions under section 3502 (including
12 the definitions of the terms ‘agency’ and ‘information sys13
tem’) shall apply to this subchapter.
14 ‘‘(b) OTHER TERMS.—In this subchapter:
15 ‘‘(1) ADEQUATE SECURITY.—The term ‘ade16
quate security’ means security commensurate with
17 the risk and impact resulting from the unauthorized
18 access to or loss, misuse, destruction, or modifica19
tion of information.
20 ‘‘(2) CONTINUOUS MONITORING.—The term
21 ‘continuous monitoring’ means the ongoing real time
22 or near real-time process used to determine if the
23 complete set of planned, required, and deployed se24
curity controls within an information system con25
tinue to be effective over time in light of rapidly
49
HEN12160 S.L.C.
1 changing information technology and threat develop2
ment. To the maximum extent possible, this also re3
quires automation of that process to enable cost ef4
fective, efficient, and consistent monitoring and pro5
vide a more dynamic view of the security state of
6 those deployed controls.
7 ‘‘(3) INCIDENT.—The term ‘incident’ means an
8 occurrence that—
9 ‘‘(A) actually or imminently jeopardizes,
10 without lawful authority, the integrity, con11
fidentiality, or availability of information or an
12 information system; or
13 ‘‘(B) constitutes a violation or imminent
14 threat of violation of law, security policies, secu15
rity procedures, or acceptable use policies.
16 ‘‘(4) INFORMATION SECURITY.—The term ‘in17
formation security’ means protecting information
18 and information systems from unauthorized access,
19 use, disclosure, disruption, modification, or destruc20
tion in order to provide—
21 ‘‘(A) integrity, which means guarding
22 against improper information modification or
23 destruction, and includes ensuring nonrepudi24
ation and authenticity;
50
HEN12160 S.L.C.
1 ‘‘(B) confidentiality, which means pre2
serving authorized restrictions on access and
3 disclosure, including means for protecting per4
sonal privacy and proprietary information; and
5 ‘‘(C) availability, which means ensuring
6 timely and reliable access to and use of infor7
mation.
8 ‘‘(5) INFORMATION TECHNOLOGY.—The term
9 ‘information technology’ has the meaning given that
10 term in section 11101 of title 40.
11 ‘‘(6) NATIONAL SECURITY SYSTEM.—
12 ‘‘(A) IN GENERAL.—The term ‘national se13
curity system’ means any information system
14 (including any telecommunications system) used
15 or operated by an agency or by a contractor of
16 an agency, or other organization on behalf of an
17 agency—
18 ‘‘(i) the function, operation, or use of
19 which—
20 ‘‘(I) involves intelligence activi21
ties;
22 ‘‘(II) involves cryptologic activi23
ties related to national security;
24 ‘‘(III) involves command and
25 control of military forces;
51
HEN12160 S.L.C.
1 ‘‘(IV) involves equipment that is
2 an integral part of a weapon or weap3
ons system; or
4 ‘‘(V) subject to subparagraph
5 (B), is critical to the direct fulfillment
6 of military or intelligence missions; or
7 ‘‘(ii) that is protected at all times by
8 procedures established for information that
9 have been specifically authorized under cri10
teria established by an Executive order or
11 an Act of Congress to be kept classified in
12 the interest of national defense or foreign
13 policy.
14 ‘‘(B) EXCLUSION.—Subparagraph
15 (A)(i)(V) does not include a system that is to
16 be used for routine administrative and business
17 applications (including payroll, finance, logis18
tics, and personnel management applications).
19 ‘‘(7) SECRETARY.—The term ‘Secretary’ means
20 the Secretary of Homeland Security.
21 ‘‘(8) THREAT ASSESSMENT.—The term ‘threat
22 assessment’ means the real time or near real time
23 process of formally evaluating the degree of threat
24 to an information system or enterprise and describ25
ing the nature of the threat. Threat assessments
52
HEN12160 S.L.C.
1 consist of identifying threat sources, possible threat
2 events, vulnerabilities within a system or network
3 environment, determining the likelihood that an
4 identified threat will occur and the possible adverse
5 impacts of such an occurrence. This requires auto6
mation of that process and rapid sharing of emerg7
ing threat information among government agencies.
8 ‘‘§ 3553. Federal information security authority and
9 coordination
10 ‘‘(a) IN GENERAL.—Except as provided in sub11
sections (f) and (g), the Secretary shall oversee agency in12
formation security policies and practices, including the de13
velopment and oversight of information security policies
14 and directives and compliance with this subchapter.
15 ‘‘(b) DUTIES.—The Secretary shall—
16 ‘‘(1) develop, issue, and oversee the implemen17
tation of information security policies and directives,
18 which shall be compulsory and binding on agencies
19 to the extent determined appropriate by the Sec20
retary, including—
21 ‘‘(A) policies and directives consistent with
22 the standards promulgated under section 11331
23 of title 40 to identify and provide information
24 security protections that are commensurate
25 with the risk and impact resulting from the un53
HEN12160 S.L.C.
1 authorized access, use, disclosure, disruption,
2 modification, or destruction of—
3 ‘‘(i) information collected, created,
4 processed, stored, disseminated, or other5
wise used or maintained by or on behalf of
6 an agency; or
7 ‘‘(ii) information systems used or op8
erated by an agency or by a contractor of
9 an agency or other organization on behalf
10 of an agency;
11 ‘‘(B) minimum operational requirements
12 for network operations centers and security op13
erations centers of agencies to facilitate the
14 protection of and provide common situational
15 awareness for all agency information and infor16
mation systems;
17 ‘‘(C) reporting requirements, consistent
18 with relevant law, regarding information secu19
rity incidents;
20 ‘‘(D) requirements for agencywide informa21
tion security programs, including continuous
22 monitoring of information security;
23 ‘‘(E) performance requirements and
24 metrics for the security of agency information
25 systems;
54
HEN12160 S.L.C.
1 ‘‘(F) training requirements to ensure that
2 agencies are able to fully and timely comply
3 with directions issued by the Secretary under
4 this subchapter;
5 ‘‘(G) training requirements regarding pri6
vacy, civil rights, civil liberties, and information
7 oversight for agency information security em8
ployees;
9 ‘‘(H) requirements for the annual reports
10 to the Secretary under section 3554(c); and
11 ‘‘(I) any other information security re12
quirements as determined by the Secretary;
13 ‘‘(2) review agency information security pro14
grams required to be developed under section
15 3554(b);
16 ‘‘(3) develop and conduct targeted risk assess17
ments and operational evaluations for agency infor18
mation and information systems in consultation with
19 the heads of other agencies or governmental and pri20
vate entities that own and operate such systems,
21 that may include threat, vulnerability, and impact
22 assessments and penetration testing;
23 ‘‘(4) operate consolidated intrusion detection,
24 prevention, or other protective capabilities and use
25 associated countermeasures for the purpose of pro55
HEN12160 S.L.C.
1 tecting agency information and information systems
2 from information security threats;
3 ‘‘(5) in conjunction with other agencies and the
4 private sector, assess and foster the development of
5 information security technologies and capabilities for
6 use across multiple agencies;
7 ‘‘(6) designate an entity to receive reports and
8 information about information security incidents,
9 threats, and vulnerabilities affecting agency informa10
tion systems;
11 ‘‘(7) provide incident detection, analysis, miti12
gation, and response information and remote or on13
site technical assistance to the heads of agencies;
14 and
15 ‘‘(8) coordinate with appropriate agencies and
16 officials to ensure, to the maximum extent feasible,
17 that policies and directives issued under paragraph
18 (1) are complementary with—
19 ‘‘(A) standards and guidelines developed
20 for national security systems; and
21 ‘‘(B) policies and directives issues by the
22 Secretary of Defense, Director of the Central
23 Intelligence Agency, and Director of National
24 Intelligence under subsection (g)(1).
56
HEN12160 S.L.C.
1 ‘‘(c) ISSUING POLICIES AND DIRECTIVES.—When
2 issuing policies and directives under subsection (b), the
3 Secretary shall consider any applicable standards or guide4
lines developed by the National Institute of Standards and
5 Technology and issued by the Secretary of Commerce
6 under section 11331 of title 40. The Secretary shall con7
sult with the Director of the National Institute of Stand8
ards and Technology when such policies and directives im9
plement standards or guidelines developed by National In10
stitute of Standards and Technology. To the maximum ex11
tent feasible, such standards and guidelines shall be com12
plementary with standards and guidelines developed for
13 national security systems.
14 ‘‘(d) COMMUNICATIONS AND SYSTEM TRAFFIC.—
15 ‘‘(1) IN GENERAL.—Notwithstanding any other
16 provision of law, in carrying out the responsibilities
17 under paragraphs (3) and (4) of subsection (b), if
18 the Secretary makes a certification described in
19 paragraph (2), the Secretary may acquire, intercept,
20 retain, use, and disclose communications and other
21 system traffic that are transiting to or from or
22 stored on agency information systems and deploy
23 countermeasures with regard to the communications
24 and system traffic.
57
HEN12160 S.L.C.
1 ‘‘(2) CERTIFICATION.—A certification described
2 in this paragraph is a certification by the Secretary
3 that—
4 ‘‘(A) the acquisitions, interceptions, and
5 countermeasures are reasonably necessary for
6 the purpose of protecting agency information
7 systems from information security threats;
8 ‘‘(B) the content of communications will be
9 collected and retained only when the commu10
nication is associated with a known or reason11
ably suspected information security threat, and
12 communications and system traffic will not be
13 subject to the operation of a countermeasure
14 unless associated with the threats;
15 ‘‘(C) information obtained under activities
16 authorized under this subsection will only be re17
tained, used, or disclosed to protect agency in18
formation systems from information security
19 threats, mitigate against such threats, or, with
20 the approval of the Attorney General, for law
21 enforcement purposes when the information is
22 evidence of a crime which has been, is being, or
23 is about to be committed;
24 ‘‘(D) notice has been provided to users of
25 agency information systems concerning the po58
HEN12160 S.L.C.
1 tential for acquisition, interception, retention,
2 use, and disclosure of communications and
3 other system traffic; and
4 ‘‘(E) the activities are implemented pursu5
ant to policies and procedures governing the ac6
quisition, interception, retention, use, and dis7
closure of communications and other system
8 traffic that have been reviewed and approved by
9 the Attorney General.
10 ‘‘(3) PRIVATE ENTITIES.—The Secretary may
11 enter into contracts or other agreements, or other12
wise request and obtain the assistance of, private en13
tities that provide electronic communication or infor14
mation security services to acquire, intercept, retain,
15 use, and disclose communications and other system
16 traffic in accordance with this subsection.
17 ‘‘(e) DIRECTIONS TO AGENCIES.—
18 ‘‘(1) AUTHORITY.—
19 ‘‘(A) IN GENERAL.—Notwithstanding sec20
tion 3554, and subject to subparagraph (B), in
21 response to a known or reasonably suspected in22
formation security threat, vulnerability, or inci23
dent that represents a substantial threat to the
24 information security of an agency, the Secretary
25 may direct other agency heads to take any law59
HEN12160 S.L.C.
1 ful action with respect to the operation of the
2 information systems, including those owned or
3 operated by another entity on behalf of an
4 agency, that collect, process, store, transmit,
5 disseminate, or otherwise maintain agency in6
formation, for the purpose of protecting the in7
formation system from or mitigating an infor8
mation security threat.
9 ‘‘(B) EXCEPTION.—The authorities of the
10 Secretary under this subsection shall not apply
11 to a system described in paragraph (2), (3), or
12 (4) of subsection (g).
13 ‘‘(2) PROCEDURES FOR USE OF AUTHORITY.—
14 The Secretary shall—
15 ‘‘(A) in coordination with the Director of
16 the Office of Management and Budget and in
17 consultation with Federal contractors, as appro18
priate, establish procedures governing the cir19
cumstances under which a directive may be
20 issued under this subsection, which shall in21
clude—
22 ‘‘(i) thresholds and other criteria;
23 ‘‘(ii) privacy and civil liberties protec24
tions; and
60
HEN12160 S.L.C.
1 ‘‘(iii) providing notice to potentially
2 affected third parties;
3 ‘‘(B) specify the reasons for the required
4 action and the duration of the directive;
5 ‘‘(C) minimize the impact of directives
6 under this subsection by—
7 ‘‘(i) adopting the least intrusive
8 means possible under the circumstances to
9 secure the agency information systems;
10 and
11 ‘‘(ii) limiting directives to the shortest
12 period practicable; and
13 ‘‘(D) notify the Director of the Office of
14 Management and Budget and head of any af15
fected agency immediately upon the issuance of
16 a directive under this subsection.
17 ‘‘(3) IMMINENT THREATS.—
18 ‘‘(A) IN GENERAL.—If the Secretary deter19
mines that there is an imminent threat to agen20
cy information systems and a directive under
21 this subsection is not reasonably likely to result
22 in a timely response to the threat, the Secretary
23 may authorize the use of protective capabilities
24 under the control of the Secretary for commu25
nications or other system traffic transiting to or
61
HEN12160 S.L.C.
1 from or stored on an agency information system
2 without prior consultation with the affected
3 agency for the purpose of ensuring the security
4 of the information or information system or
5 other agency information systems.
6 ‘‘(B) LIMITATION ON DELEGATION.—The
7 authority under this paragraph may not be del8
egated to an official in a position lower than
9 Assistant Secretary.
10 ‘‘(C) NOTICE.—The Secretary or designee
11 of the Secretary shall immediately notify the
12 Director of the Office of Management and
13 Budget and the head and chief information offi14
cer (or equivalent official) of each affected
15 agency of—
16 ‘‘(i) any action taken under this sub17
section; and
18 ‘‘(ii) the reasons for and duration and
19 nature of the action.
20 ‘‘(D) OTHER LAW.—The actions of the
21 Secretary under this paragraph shall be con22
sistent with applicable law.
23 ‘‘(4) LIMITATION.—The Secretary may direct
24 or authorize lawful action or protective capability
25 under this subsection only to—
62
HEN12160 S.L.C.
1 ‘‘(A) protect agency information from un2
authorized access, use, disclosure, disruption,
3 modification, or destruction; or
4 ‘‘(B) require the remediation of or protect
5 against identified information security risks
6 with respect to—
7 ‘‘(i) information collected or main8
tained by or on behalf of an agency; or
9 ‘‘(ii) that portion of an information
10 system used or operated by an agency or
11 by a contractor of an agency or other orga12
nization on behalf of an agency.
13 ‘‘(f) NATIONAL SECURITY SYSTEMS.—
14 ‘‘(1) IN GENERAL.—This section shall not apply
15 to a national security system.
16 ‘‘(2) INFORMATION SECURITY.—Information se17
curity policies, directives, standards, and guidelines
18 for national security systems shall be overseen as di19
rected by the President and, in accordance with that
20 direction, carried out under the authority of the
21 heads of agencies that operate or exercise authority
22 over national security systems.
23 ‘‘(g) DELEGATION OF AUTHORITIES.—
63
HEN12160 S.L.C.
1 ‘‘(1) IN GENERAL.—The authorities of the Sec2
retary described in paragraphs (1), (2), (3), and (4)
3 of subsection (b) shall be delegated to—
4 ‘‘(A) the Secretary of Defense in the case
5 of systems described in paragraph (2);
6 ‘‘(B) the Director of the Central Intel7
ligence Agency in the case of systems described
8 in paragraph (3); and
9 ‘‘(C) the Director of National Intelligence
10 in the case of systems described in paragraph
11 (4).
12 ‘‘(2) DEPARTMENT OF DEFENSE.—The systems
13 described in this paragraph are systems that are op14
erated by the Department of Defense, a contractor
15 of the Department of Defense, or another entity on
16 behalf of the Department of Defense that process
17 any information the unauthorized access, use, disclo18
sure, disruption, modification, or destruction of
19 which would have a debilitating impact on the mis20
sion of the Department of Defense.
21 ‘‘(3) CENTRAL INTELLIGENCE AGENCY.—The
22 systems described in this paragraph are systems
23 that are operated by the Central Intelligence Agen24
cy, a contractor of the Central Intelligence Agency,
25 or another entity on behalf of the Central Intel64
HEN12160 S.L.C.
1 ligence Agency that process any information the un2
authorized access, use, disclosure, disruption, modi3
fication, or destruction of which would have a debili4
tating impact on the mission of the Central Intel5
ligence Agency.
6 ‘‘(4) OFFICE OF THE DIRECTOR OF NATIONAL
7 INTELLIGENCE.—The systems described in this
8 paragraph are systems that are operated by the Of9
fice of the Director of National Intelligence, a con10
tractor of the Office of the Director of National In11
telligence, or another entity on behalf of the Office
12 of the Director of National Intelligence that process
13 any information the unauthorized access, use, disclo14
sure, disruption, modification, or destruction of
15 which would have a debilitating impact on the mis16
sion of the Office of the Director of National Intel17
ligence.
18 ‘‘(5) INTEGRATION OF INFORMATION.—The
19 Secretary of Defense, the Director of the Central In20
telligence Agency, and the Director of National In21
telligence shall carry out their responsibilities under
22 this subsection in coordination with the Secretary
23 and share relevant information in a timely manner
24 with the Secretary relating to the security of agency
25 information and information systems, including sys65
HEN12160 S.L.C.
1 tems described in paragraphs (2), (3), and (4), to
2 enable the Secretary to carry out the responsibilities
3 set forth in this section and to maintain comprehen4
sive situational awareness regarding information se5
curity incidents, threats, and vulnerabilities affecting
6 agency information systems, consistent with stand7
ards and guidelines for national security systems,
8 issued in accordance with law and as directed by the
9 President.
10 ‘‘§ 3554. Agency responsibilities
11 ‘‘(a) IN GENERAL.—The head of each agency shall—
12 ‘‘(1) be responsible for—
13 ‘‘(A) providing information security protec14
tions commensurate with the risk resulting
15 from unauthorized access, use, disclosure, dis16
ruption, modification, or destruction of—
17 ‘‘(i) information collected, created,
18 processed, stored, disseminated, or other19
wise used or maintained by or on behalf of
20 the agency; or
21 ‘‘(ii) information systems used or op22
erated by the agency or by a contractor of
23 the agency or other organization on behalf
24 of the agency;
66
HEN12160 S.L.C.
1 ‘‘(B) complying with this subchapter, in2
cluding—
3 ‘‘(i) the policies and directives issued
4 under section 3553, including any direc5
tions under section 3553(e); and
6 ‘‘(ii) information security policies, di7
rectives, standards, and guidelines for na8
tional security systems issued in accord9
ance with law and as directed by the Presi10
dent;
11 ‘‘(C) complying with the requirements of
12 the information security standards prescribed
13 under section 11331 of title 40, including any
14 required security configuration checklists; and
15 ‘‘(D) ensuring that information security
16 management processes are integrated with
17 agency strategic and operational planning proc18
esses;
19 ‘‘(2) ensure that senior agency officials provide
20 information security for the information and infor21
mation systems that support the operations and as22
sets under the control of the officials, including
23 through—
24 ‘‘(A) assessing, with a frequency commen25
surate with risk, the risk and impact that could
67
HEN12160 S.L.C.
1 result from the unauthorized access, use, disclo2
sure, disruption, modification, or destruction of
3 the information or information systems;
4 ‘‘(B) determining the levels of information
5 security appropriate to protect the information
6 and information systems in accordance with the
7 policies and directives issued under section
8 3553(b) and standards prescribed under section
9 11331 of title 40;
10 ‘‘(C) implementing policies, procedures,
11 and capabilities to reduce risks to an acceptable
12 level in a cost-effective manner;
13 ‘‘(D) security testing and evaluation, in14
cluding continuously monitoring the effective
15 implementation of information security controls
16 and techniques, threats, vulnerabilities, assets,
17 and other aspects of information security as ap18
propriate; and
19 ‘‘(E) reporting information about informa20
tion security incidents, threats, and
21 vulnerabilities in a timely manner as required
22 under policies and procedures established under
23 subsection (b)(7);
68
HEN12160 S.L.C.
1 ‘‘(3) assess and maintain the resiliency of infor2
mation systems critical to the mission and oper3
ations of the agency;
4 ‘‘(4) delegate to the chief information officer or
5 equivalent official (or to a senior agency official who
6 reports to the chief information officer or equivalent
7 official) the authority to ensure and primary respon8
sibility for ensuring compliance with this subchapter,
9 including—
10 ‘‘(A) overseeing the establishment and
11 maintenance of an agencywide security oper12
ations capability that on a continuous basis
13 can—
14 ‘‘(i) detect, report, respond to, con15
tain, and mitigate information security in16
cidents that impair adequate security of
17 the agency information and information
18 systems in a timely manner and in accord19
ance with the policies and directives issued
20 under section 3553(b); and
21 ‘‘(ii) report any information security
22 incident described under clause (i) to the
23 entity designated under section 3553(b)(6);
69
HEN12160 S.L.C.
1 ‘‘(B) developing, maintaining, and over2
seeing an agencywide information security pro3
gram as required under subsection (b);
4 ‘‘(C) developing, maintaining, and over5
seeing information security policies, procedures,
6 and control techniques to address all applicable
7 requirements, including those issued under sec8
tion 3553 and section 11331 of title 40;
9 ‘‘(D) training and overseeing employees
10 and contractors of the agency with significant
11 responsibilities for information security with re12
spect to such responsibilities; and
13 ‘‘(E) assisting senior agency officials con14
cerning their responsibilities under paragraph
15 (2);
16 ‘‘(5) the agency has trained and obtained secu17
rity clearances for an adequate number of employees
18 to assist the agency in complying with this sub19
chapter, including the policies and directives issued
20 under section 3553(b);
21 ‘‘(6) ensure that the chief information officer
22 (or other senior agency official designated under
23 paragraph (4)), in coordination with other senior
24 agency officials, reports to the head of the agency on
70
HEN12160 S.L.C.
1 the effectiveness of the agency information security
2 program, including the progress of remedial actions;
3 ‘‘(7) ensure that the chief information officer
4 (or other senior agency official designated under
5 paragraph (4))—
6 ‘‘(A) possesses the necessary qualifications
7 to administer the duties of the official under
8 this subchapter; and
9 ‘‘(B) has information security duties as a
10 primary duty of the official; and
11 ‘‘(8) ensure that senior agency officials (includ12
ing component chief information officers or equiva13
lent officials) carry out responsibilities under this
14 subchapter as directed by the official delegated au15
thority under paragraph (4).
16 ‘‘(b) AGENCY PROGRAM.—The head of each agency
17 shall develop, document, and implement an agencywide in18
formation security program, which shall be reviewed under
19 section 3553(b)(2), to provide information security for the
20 information and information systems that support the op21
erations and assets of the agency, including those provided
22 or managed by another agency, contractor, or other
23 source, which shall include—
71
HEN12160 S.L.C.
1 ‘‘(1) the development, execution, and mainte2
nance of a risk management strategy for information
3 security that—
4 ‘‘(A) considers information security
5 threats, vulnerabilities, and consequences;
6 ‘‘(B) includes periodic assessments and re7
porting of risk, with a frequency commensurate
8 with risk and impact;
9 ‘‘(2) policies and procedures that—
10 ‘‘(A) are based on the risk management
11 strategy and assessment results required under
12 paragraph (1);
13 ‘‘(B) reduce information security risks to
14 an acceptable level in a cost-effective manner;
15 ‘‘(C) ensure that cost-effective and ade16
quate information security is addressed
17 throughout the life cycle of each agency infor18
mation system; and
19 ‘‘(D) ensure compliance with—
20 ‘‘(i) this subchapter;
21 ‘‘(ii) the information security policies
22 and directives issued under section
23 3553(b); and
24 ‘‘(iii) any other applicable require25
ments;
72
HEN12160 S.L.C.
1 ‘‘(3) subordinate plans for providing adequate
2 information security for networks, facilities, and sys3
tems or groups of information systems;
4 ‘‘(4) security awareness training developed in
5 accordance with the requirements issued under sec6
tion 3553(b) to inform individuals with access to
7 agency information systems, including information
8 security employees, contractors, and other users of
9 information systems that support the operations and
10 assets of the agency, of—
11 ‘‘(A) information security risks associated
12 with their activities;
13 ‘‘(B) their responsibilities in complying
14 with agency policies and procedures designed to
15 reduce those risks; and
16 ‘‘(C) requirements for fulfilling privacy,
17 civil rights, civil liberties, and other information
18 oversight responsibilities;
19 ‘‘(5) security testing and evaluation commensu20
rate with risk and impact that includes—
21 ‘‘(A) risk-based continuous monitoring of
22 the operational status and security of agency
23 information systems to enable evaluation of the
24 effectiveness of and compliance with informa25
tion security policies, procedures, and practices,
73
HEN12160 S.L.C.
1 including a relevant and appropriate selection of
2 management, operational, and technical controls
3 of information systems identified in the inven4
tory required under section 3505(c);
5 ‘‘(B) penetration testing exercises and
6 operational evaluations in accordance with the
7 requirements issued under section 3553(b) to
8 evaluate whether the agency adequately protects
9 against, detects, and responds to incidents;
10 ‘‘(C) vulnerability scanning, intrusion de11
tection and prevention, and penetration testing,
12 in accordance with the requirements issued
13 under section 3553(b); and
14 ‘‘(D) any other periodic testing and evalua15
tion, in accordance with the requirements
16 issued under section 3553(b);
17 ‘‘(6) a process for ensuring that remedial ac18
tions are taken to mitigate information security
19 vulnerabilities commensurate with risk and impact,
20 and otherwise address any deficiencies in the infor21
mation security policies, procedures, and practices of
22 the agency;
23 ‘‘(7) policies and procedures to ensure detec24
tion, mitigation, reporting, and responses to infor25
mation security incidents, in accordance with the
74
HEN12160 S.L.C.
1 policies and directives issued under section 3553(b),
2 including—
3 ‘‘(A) ensuring timely internal reporting of
4 information security incidents;
5 ‘‘(B) establishing and maintaining appro6
priate technical capabilities to detect and miti7
gate risks associated with information security
8 incidents;
9 ‘‘(C) notifying and consulting with the en10
tity designated by the Secretary under section
11 3553(b)(6); and
12 ‘‘(D) notifying and consulting with—
13 ‘‘(i) law enforcement agencies and rel14
evant Offices of Inspectors General; and
15 ‘‘(ii) any other entity, in accordance
16 with law and as directed by the President;
17 and
18 ‘‘(8) plans and procedures to ensure continuity
19 of operations for information systems that support
20 the operations and assets of the agency.
21 ‘‘(c) AGENCY REPORTING.—The head of each agency
22 shall—
23 ‘‘(1) report annually to the Secretary on the
24 adequacy and effectiveness of information security
25 policies, procedures, and practices, including—
75
HEN12160 S.L.C.
1 ‘‘(A) compliance of the agency with the re2
quirements of this subchapter;
3 ‘‘(B) a conclusion as to the effectiveness of
4 the information security policies, procedures,
5 and practices of the agency based on a deter6
mination of the aggregate effect of identified
7 deficiencies;
8 ‘‘(C) an identification and analysis of, in9
cluding actions and plans to address, any sig10
nificant deficiencies identified in such policies,
11 procedures and practices; and
12 ‘‘(D) any information or evaluation re13
quired under the reporting requirements issued
14 under section 3553(b);
15 ‘‘(2) make the report required under paragraph
16 (1) available to the appropriate authorization and
17 appropriations committees of Congress and the
18 Comptroller General of the United States; and
19 ‘‘(3) address the adequacy and effectiveness of
20 the information security policies, procedures, and
21 practices of the agency as required for management
22 and budget plans and reports, as appropriate.
23 ‘‘(d) COMMUNICATIONS AND SYSTEM TRAFFIC.—
24 Notwithstanding any other provision of law, the head of
25 each agency is authorized to allow the Secretary, or a pri76
HEN12160 S.L.C.
1 vate entity providing assistance to the Secretary under
2 section 3553, to acquire, intercept, retain, use, and dis3
close communications, system traffic, records, or other in4
formation transiting to or from or stored on an agency
5 information system for the purpose of protecting agency
6 information and information systems from information se7
curity threats or mitigating the threats in connection with
8 the implementation of the information security capabilities
9 authorized by paragraph (3) or (4) of section 3553(b).
10 ‘‘§ 3555. Annual assessments
11 ‘‘(a) IN GENERAL.—Except as provided in subsection
12 (c), the Secretary shall conduct periodic assessments of
13 the information security programs and practices of agen14
cies based on the annual agency reports required under
15 section 3554(c), the annual independent evaluations re16
quired under section 3556, the results of any continuous
17 monitoring, and other available information.
18 ‘‘(b) CONTENTS.—Each assessment conducted under
19 subsection (a) shall—
20 ‘‘(1) assess the effectiveness of agency informa21
tion security policies, procedures, and practices;
22 ‘‘(2) provide an assessment of the status of
23 agency information system security for the Federal
24 Government as a whole; and
77
HEN12160 S.L.C.
1 ‘‘(3) include recommendations for improving in2
formation system security for an agency or the Fed3
eral Government as a whole.
4 ‘‘(c) CERTAIN INFORMATION SYSTEMS.—
5 ‘‘(1) NATIONAL SECURITY SYSTEMS.—A peri6
odic assessment conducted under subsection (a) re7
lating to a national security system shall be pre8
pared as directed by the President.
9 ‘‘(2) SPECIFIC AGENCIES.—Periodic assess10
ments conducted under subsection (a) shall be pre11
pared in accordance with governmentwide reporting
12 requirements by—
13 ‘‘(A) the Secretary of Defense for informa14
tion systems under the control of the Depart15
ment of Defense;
16 ‘‘(B) the Director of the Central Intel17
ligence Agency for information systems under
18 the control of the Central Intelligence Agency;
19 and
20 ‘‘(C) the Director of National Intelligence
21 for information systems under the control of
22 the Office of the Director of National Intel23
ligence.
24 ‘‘(d) AGENCY-SPECIFIC ASSESSMENTS.—Each as25
sessment conducted under subsection (a) that relates, in
78
HEN12160 S.L.C.
1 whole or in part, to the information systems of an agency
2 shall be made available to the head of the agency.
3 ‘‘(e) PROTECTION OF INFORMATION.—In conducting
4 assessments under subsection (a), the Secretary shall take
5 appropriate actions to ensure the protection of information
6 which, if disclosed, may adversely affect information secu7
rity. Such protections shall be commensurate with the risk
8 and comply with all applicable laws and policies.
9 ‘‘(f) REPORT TO CONGRESS.—The Secretary, in co10
ordination with the Secretary of Defense, the Director of
11 the Central Intelligence Agency, and the Director of Na12
tional Intelligence, shall evaluate and submit to Congress
13 an annual report on the adequacy and effectiveness of the
14 information security programs and practices assessed
15 under this section.
16 ‘‘§ 3556. Independent evaluations
17 ‘‘(a) IN GENERAL.—Not less than once every 2 years,
18 an independent evaluation shall be performed of the infor19
mation security program and practices of each agency in
20 accordance with the guidance developed under subsection
21 (d) to determine the effectiveness of the programs and
22 practices in addressing risk.
23 ‘‘(b) CONTENTS.—Each evaluation performed under
24 subsection (a) shall include—
79
HEN12160 S.L.C.
1 ‘‘(1) testing of the effectiveness of information
2 security policies, procedures, and practices of a rep3
resentative subset of the information systems of the
4 agency;
5 ‘‘(2) an assessment of compliance with this sub6
chapter and any significant deficiencies; and
7 ‘‘(3) a conclusion as to the effectiveness of the
8 information security policies, procedures, and prac9
tices of the agency in addressing risk based on a de10
termination of the aggregate effect of identified defi11
ciencies.
12 ‘‘(c) CONDUCT OF INDEPENDENT EVALUATIONS.—
13 An evaluation of an agency under subsection (a) shall be
14 performed by—
15 ‘‘(1) the Inspector General of the agency;
16 ‘‘(2) at the discretion of the Inspector General
17 of the agency, an independent entity entering a con18
tract with the Inspector General to perform the eval19
uation; or
20 ‘‘(3) if the agency does not have an Inspector
21 General, an independent entity selected by the head
22 of the agency, in consultation with the Secretary.
23 ‘‘(d) GUIDANCE.—The Council of Inspectors General
24 on Integrity and Efficiency, in consultation with the Sec25
retary, the Comptroller General of the United States, and
80
HEN12160 S.L.C.
1 the Director of the National Institute of Standards and
2 Technology, shall issue and maintain guidance for per3
forming timely, cost-effective, and risk-based evaluations
4 under subsection (a).
5 ‘‘(e) REPORTS.—The official or entity performing an
6 evaluation of an agency under subsection (a) shall submit
7 to Congress, the agency, and the Comptroller General of
8 the United States a report regarding the evaluation. The
9 head of the agency shall provide to the Secretary a report
10 received under this subsection.
11 ‘‘(f) NATIONAL SECURITY SYSTEMS.—An evaluation
12 under subsection (a) of a national security system shall
13 be performed as directed by the President.
14 ‘‘(g) COMPTROLLER GENERAL.—The Comptroller
15 General of the United States shall periodically evaluate
16 and submit to Congress reports on—
17 ‘‘(1) the adequacy and effectiveness of the in18
formation security policies and practices of agencies;
19 and
20 ‘‘(2) implementation of this subchapter.
21 ‘‘§ 3557. National security systems
22 ‘‘The head of each agency operating or exercising
23 control of a national security system shall be responsible
24 for ensuring that the agency—
81
HEN12160 S.L.C.
1 ‘‘(1) provides information security protections
2 commensurate with the risk and magnitude of the
3 harm resulting from the unauthorized use, disclo4
sure, disruption, modification, or destruction of the
5 information contained in the national security sys6
tem;
7 ‘‘(2) implements information security policies
8 and practices as required by standards and guide9
lines for national security systems issued in accord10
ance with law and as directed by the President; and
11 ‘‘(3) complies with this subchapter.
12 ‘‘§ 3558. Effect on existing law
13 ‘‘Nothing in this subchapter shall be construed to
14 alter or amend any law regarding the authority of any
15 head of an agency over the agency.’’.
16 (b) TECHNICAL AND CONFORMING AMENDMENT.—
17 The table of sections for chapter 35 of title 44 is amended
18 by striking the matter relating to subchapters II and III
19 and inserting the following:
‘‘SUBCHAPTER II—INFORMATION SECURITY
‘‘Sec. 3551. Purposes.
‘‘Sec. 3552. Definitions.
‘‘Sec. 3553. Federal information security authority and coordination.
‘‘Sec. 3554. Agency responsibilities.
‘‘Sec. 3555. Annual assessments.
‘‘Sec. 3556. Independent evaluations.
‘‘Sec. 3557. National security systems.
‘‘Sec. 3558. Effect on existing law.’’.
82
HEN12160 S.L.C.
1 SEC. 202. MANAGEMENT OF INFORMATION TECHNOLOGY.
2 (a) IN GENERAL.—Section 11331 of title 40, United
3 States Code, is amended to read as follows:
4 ‘‘§ 11331. Responsibilities for Federal information sys5
tems standards
6 ‘‘(a) DEFINITIONS.—In this section:
7 ‘‘(1) FEDERAL INFORMATION SYSTEM.—The
8 term ‘Federal information system’ means an infor9
mation system used or operated by an executive
10 agency, by a contractor of an executive agency, or by
11 another entity on behalf of an executive agency.
12 ‘‘(2) INFORMATION SECURITY.—The term ‘in13
formation security’ has the meaning given that term
14 in section 3552 of title 44.
15 ‘‘(3) NATIONAL SECURITY SYSTEM.—The term
16 ‘national security system’ has the meaning given
17 that term in section 3552 of title 44.
18 ‘‘(b) STANDARDS AND GUIDELINES.—
19 ‘‘(1) AUTHORITY TO PRESCRIBE.—Except as
20 provided under paragraph (2), and based on the
21 standards and guidelines developed by the National
22 Institute of Standards and Technology under para23
graphs (2) and (3) of section 20(a) of the National
24 Institute of Standards and Technology Act (15
25 U.S.C. 278g–3(a)), the Secretary of Commerce, in
26 consultation with the Secretary of Homeland Secu83
HEN12160 S.L.C.
1 rity, shall prescribe standards and guidelines relat2
ing to Federal information systems.
3 ‘‘(2) NATIONAL SECURITY SYSTEMS.—Stand4
ards and guidelines for national security systems
5 shall be developed, prescribed, enforced, and over6
seen as otherwise authorized by law and as directed
7 by the President.
8 ‘‘(c) MANDATORY REQUIREMENTS.—
9 ‘‘(1) AUTHORITY TO MAKE MANDATORY.—The
10 Secretary of Commerce may require executive agen11
cies to comply with the standards prescribed under
12 subsection (b)(1) to the extent determined necessary
13 by the Secretary of Commerce to improve the effi14
ciency of operation or security of Federal informa15
tion systems.
16 ‘‘(2) REQUIRED MANDATORY STANDARDS.—
17 ‘‘(A) IN GENERAL.—The Secretary of
18 Commerce shall require executive agencies to
19 comply with the standards described in sub20
paragraph (B).
21 ‘‘(B) CONTENTS.—The standards de22
scribed in this subparagraph are information
23 security standards that—
24 ‘‘(i) provide minimum information se25
curity requirements as determined under
84
HEN12160 S.L.C.
1 section 20(b) of the National Institute of
2 Standards and Technology Act (15 U.S.C.
3 278g–3(b)); and
4 ‘‘(ii) are otherwise necessary to im5
prove the security of Federal information
6 and Federal information systems.
7 ‘‘(d) AUTHORITY TO DISAPPROVE OR MODIFY.—The
8 President may disapprove or modify the standards and
9 guidelines prescribed under subsection (b)(1) if the Presi10
dent determines such action to be in the public interest.
11 The authority of the President to disapprove or modify
12 the standards and guidelines may be delegated to the Di13
rector of the Office of Management and Budget. Notice
14 of a disapproval or modification under this subsection
15 shall be published promptly in the Federal Register. Upon
16 receiving notice of a disapproval or modification, the Sec17
retary of Commerce shall immediately rescind or modify
18 the standards or guidelines as directed by the President
19 or the Director of the Office of Management and Budget.
20 ‘‘(e) EXERCISE OF AUTHORITY.—To ensure fiscal
21 and policy consistency, the Secretary of Commerce shall
22 exercise the authority under this section subject to direc23
tion by the President and in coordination with the Direc24
tor of the Office of Management and Budget.
85
HEN12160 S.L.C.
1 ‘‘(f) APPLICATION OF MORE STRINGENT STAND2
ARDS.—The head of an executive agency may employ
3 standards for the cost-effective information security for
4 Federal information systems of that agency that are more
5 stringent than the standards prescribed by the Secretary
6 of Commerce under subsection (b)(1) if the more stringent
7 standards—
8 ‘‘(1) contain any standards with which the Sec9
retary of Commerce has required the agency to com10
ply; and
11 ‘‘(2) are otherwise consistent with the policies
12 and directives issued under section 3553(b) of title
13 44.
14 ‘‘(g) DECISIONS ON PROMULGATION OF STAND15
ARDS.—The decision by the Secretary of Commerce re16
garding the promulgation of any standard under this sec17
tion shall occur not later than 6 months after the submis18
sion of the proposed standard to the Secretary of Com19
merce by the National Institute of Standards and Tech20
nology, as provided under section 20 of the National Insti21
tute of Standards and Technology Act (15 U.S.C. 278g–
22 3).’’.
23 (b) TECHNICAL AND CONFORMING AMENDMENTS.—
86
HEN12160 S.L.C.
1 (1) Section 3502(8)) of title 44, United States
2 Code, is amended by inserting ‘‘hosting,’’ after ‘‘col3
lection,’’;
4 (2) The National Institute of Standards and
5 Technology Act (15 U.S.C. 271 et seq.) is amend6
ed—
7 (A) in section 20(a)(2) (15 U.S.C. 278g–
8 3(a)(2)), by striking ‘‘section 3532(b)(2)’’ and
9 inserting ‘‘section 3552(b)’’; and
10 (B) in section 21(b) (15 U.S.C. 278g–
11 4(b))—
12 (i) in paragraph (2), by inserting ‘‘,
13 the Secretary of Homeland Security,’’ after
14 ‘‘the Institute’’; and
15 (ii) in paragraph (3), by inserting
16 ‘‘the Secretary of Homeland Security,’’
17 after ‘‘the Secretary of Commerce,’’.
18 (3) Section 1001(c)(1)(A) of the Homeland Se19
curity Act of 2002 (6 U.S.C. 511(c)(1)(A)) is
20 amended by striking ‘‘section 3532(3)’’ and insert21
ing ‘‘section 3552(b)’’.
22 (4) Part IV of title 10, United States Code, is
23 amended—
87
HEN12160 S.L.C.
1 (A) in section 2222(j)(5), by striking ‘‘sec2
tion 3542(b)(2)’’ and inserting ‘‘section
3 3552(b)’’;
4 (B) in section 2223(c)(3), by striking ‘‘sec5
tion 3542(b)(2)’’ and inserting ‘‘section
6 3552(b)’’; and
7 (C) in section 2315, by striking ‘‘section
8 3542(b)(2)’’ and inserting ‘‘section 3552(b)’’.
9 (5) Section 8(d)(1) of the Cyber Security Re10
search and Development Act (15 U.S.C. 7406(d)(1))
11 is amended by striking ‘‘section 3534(b)’’ and in12
serting ‘‘section 3554(b)’’.
13 SEC. 203. SAVINGS PROVISIONS.
14 (a) IN GENERAL.—Policies and compliance guidance
15 issued by the Director of the Office of Management and
16 Budget before the date of enactment of this Act under
17 section 3543(a)(1) of title 44 (as in effect on the day be18
fore the date of enactment of this Act) shall continue in
19 effect, according to their terms, until modified, termi20
nated, superseded, or repealed under section 3553(b)(1)
21 of title 44, as added by this Act.
22 (b) OTHER STANDARDS AND GUIDELINES.—Stand23
ards and guidelines issued by the Secretary of Commerce
24 or by the Director of the Office of Management and Budg25
et before the date of enactment of this Act under section
88
HEN12160 S.L.C.
1 11331(b)(1) of title 40 (as in effect on the day before the
2 date of enactment of this Act) shall continue in effect, ac3
cording to their terms, until modified, terminated, super4
seded, or repealed under section 11331(b)(1), as added by
5 this Act.
6 TITLE III—CLARIFYING AND
7 STRENGTHENING EXISTING
8 ROLES AND AUTHORITIES
9 SEC. 301. CONSOLIDATION OF EXISTING DEPARTMENTAL
10 CYBER RESOURCES AND AUTHORITIES.
11 (a) IN GENERAL.—Title II of the Homeland Security
12 Act of 2002 (6 U.S.C. 121 et seq.) is amended by adding
13 at the end the following:
14 ‘‘Subtitle E—Cybersecurity
15 ‘‘SEC. 241. DEFINITIONS.
16 ‘‘In this subtitle:
17 ‘‘(1) AGENCY INFORMATION INFRASTRUC18
TURE.—The term ‘agency information infrastruc19
ture’ means the Federal information infrastructure
20 of a particular Federal agency.
21 ‘‘(2) CENTER.—The term ‘Center’ means the
22 National Center for Cybersecurity and Communica23
tions established under section 242.
24 ‘‘(3) COVERED CRITICAL INFRASTRUCTURE.—
25 The term ‘covered critical infrastructure’ means a
89
HEN12160 S.L.C.
1 system or asset designated by the Secretary as cov2
ered critical infrastructure in accordance with the
3 procedure established under section 103 of the Cy4
bersecurity Act of 2012.
5 ‘‘(4) DAMAGE.—The term ‘damage’ has the
6 meaning given that term in section 1030(e) of title
7 18, United States Code.
8 ‘‘(5) FEDERAL AGENCY.—The term ‘Federal
9 agency’ has the meaning given the term ‘agency’ in
10 section 3502 of title 44, United States Code.
11 ‘‘(6) FEDERAL CYBERSECURITY CENTER.—The
12 term ‘Federal cybersecurity center’ has the meaning
13 given that term in section 708 of the Cybersecurity
14 Act of 2012.
15 ‘‘(7) FEDERAL ENTITY.—The term ‘Federal en16
tity’ has the meaning given that term in section 708
17 of the Cybersecurity Act of 2012.
18 ‘‘(8) FEDERAL INFORMATION INFRASTRUC19
TURE.—The term ‘Federal information infrastruc20
ture’—
21 ‘‘(A) means information and information
22 systems that are owned, operated, controlled, or
23 licensed for use by, or on behalf of, any Federal
24 agency, including information systems used or
90
HEN12160 S.L.C.
1 operated by another entity on behalf of a Fed2
eral agency; and
3 ‘‘(B) does not include—
4 ‘‘(i) a national security system; or
5 ‘‘(ii) information and information sys6
tems that are owned, operated, controlled,
7 or licensed for use by, or on behalf of, the
8 Department of Defense, a military depart9
ment, or another element of the intel10
ligence community.
11 ‘‘(9) INCIDENT.—The term ‘incident’ has the
12 meaning given that term in section 3552 of title 44,
13 United States Code.
14 ‘‘(10) INFORMATION SECURITY.—The term ‘in15
formation security’ has the meaning given that term
16 in section 3552 of title 44, United States Code.
17 ‘‘(11) INFORMATION SYSTEM.—The term ‘infor18
mation system’ has the meaning given that term in
19 section 3502 of title 44, United States Code.
20 ‘‘(12) INTELLIGENCE COMMUNITY.—The term
21 ‘intelligence community’ has the meaning given that
22 term in section 3(4) of the National Security Act of
23 1947 (50 U.S.C. 401a(4)).
24 ‘‘(13) NATIONAL SECURITY AND EMERGENCY
25 PREPAREDNESS COMMUNICATIONS INFRASTRUC91
HEN12160 S.L.C.
1 TURE.—The term ‘national security and emergency
2 preparedness communications infrastructure’ means
3 the systems supported or covered by the Office of
4 Emergency Communications and the National Com5
munications System on the date of enactment of the
6 Cybersecurity Act of 2012 or otherwise described in
7 Executive Order 12472, or any successor thereto, re8
lating to national security and emergency prepared9
ness communications functions.
10 ‘‘(14) NATIONAL INFORMATION INFRASTRUC11
TURE.—The term ‘national information infrastruc12
ture’ means information and information systems—
13 ‘‘(A) that are owned, operated, or con14
trolled within or from the United States; and
15 ‘‘(B) that are not owned, operated, con16
trolled, or licensed for use by a Federal agency.
17 ‘‘(15) NATIONAL SECURITY SYSTEM.—The term
18 ‘national security system’ has the meaning given
19 that term in section 3552 of title 44, United States
20 Code.
21 ‘‘(16) NON-FEDERAL ENTITY.—The term ‘non-
22 Federal entity’ has the meaning given that term in
23 section 708 of the Cybersecurity Act of 2012.
92
HEN12160 S.L.C.
1 ‘‘SEC. 242. CONSOLIDATION OF EXISTING RESOURCES.
2 ‘‘(a) ESTABLISHMENT.—There is established within
3 the Department a National Center for Cybersecurity and
4 Communications.
5 ‘‘(b) TRANSFER OF FUNCTIONS.—There are trans6
ferred to the Center the National Cyber Security Division,
7 the Office of Emergency Communications, and the Na8
tional Communications System, including all the func9
tions, personnel, assets, authorities, and liabilities of the
10 National Cyber Security Division, the Office of Emergency
11 Communications, and the National Communications Sys12
tem.
13 ‘‘(c) DIRECTOR.—The Center shall be headed by a
14 Director, who shall be appointed by the President, by and
15 with the advice and consent of the Senate, and who shall
16 report directly to the Secretary.
17 ‘‘(d) DUTIES.—The Director of the Center shall—
18 ‘‘(1) manage Federal efforts to secure, protect,
19 and ensure the resiliency of the Federal information
20 infrastructure, national information infrastructure,
21 and national security and emergency preparedness
22 communications infrastructure of the United States,
23 working cooperatively with appropriate government
24 agencies and the private sector;
93
HEN12160 S.L.C.
1 ‘‘(2) support private sector efforts to secure,
2 protect, and ensure the resiliency of the national in3
formation infrastructure;
4 ‘‘(3) prioritize the efforts of the Center to ad5
dress the most significant risks and incidents that
6 have caused or are likely to cause damage to the
7 Federal information infrastructure, the national in8
formation infrastructure, and national security and
9 emergency preparedness communications infrastruc10
ture of the United States;
11 ‘‘(4) ensure, in coordination with the privacy of12
ficer designated under subsection (j), the Privacy
13 Officer appointed under section 222, and the Direc14
tor of the Office of Civil Rights and Civil Liberties
15 appointed under section 705, that the activities of
16 the Center comply with all policies, regulations, and
17 laws protecting the privacy and civil liberties of
18 United States persons; and
19 ‘‘(5) perform such other duties as the Secretary
20 may require relating to the security and resiliency of
21 the Federal information infrastructure, national in22
formation infrastructure, and the national security
23 and emergency preparedness communications infra24
structure of the United States.
94
HEN12160 S.L.C.
1 ‘‘(e) AUTHORITIES AND RESPONSIBILITIES OF CEN2
TER.—The Center shall—
3 ‘‘(1) engage in activities and otherwise coordi4
nate Federal efforts to identify, protect against, re5
mediate, and mitigate, respond to, and recover from
6 cybersecurity threats, consequences, vulnerabilities
7 and incidents impacting the Federal information in8
frastructure and the national information infrastruc9
ture, including by providing support to entities that
10 own or operate national information infrastructure,
11 at their request;
12 ‘‘(2) conduct risk-based assessments of the Fed13
eral information infrastructure, and risk assessments
14 of critical infrastructure;
15 ‘‘(3) develop, oversee the implementation of,
16 and enforce policies, principles, and guidelines on in17
formation security for the Federal information infra18
structure, including exercise of the authorities under
19 the Federal Information Security Management Act
20 of 2002 (title III of Public Law 107–347; 116 Stat.
21 2946);
22 ‘‘(4) evaluate and facilitate the adoption of
23 technologies designed to enhance the protection of
24 information infrastructure, including making such
25 technologies available to entities that own or operate
95
HEN12160 S.L.C.
1 national information infrastructure, with or without
2 reimbursement, as necessary to accomplish the pur3
poses of this section;
4 ‘‘(5) oversee the responsibilities related to na5
tional security and emergency preparedness commu6
nications infrastructure, including the functions of
7 the Office of Emergency Communications and the
8 National Communications System;
9 ‘‘(6)(A) maintain comprehensive situational
10 awareness of the security of the Federal information
11 infrastructure and the national information infra12
structure for the purpose of enabling and supporting
13 activities under subparagraph (e)(1); and
14 ‘‘(B) provide classified and unclassified infor15
mation to entities that own or operate national in16
formation infrastructure to support efforts by such
17 entities to secure such infrastructure and for en18
hancing overall situational awareness;
19 ‘‘(7) serve as the focal point for, and foster col20
laboration between, the Federal Government, State
21 and local governments, and private entities on mat22
ters relating to the security of the national informa23
tion infrastructure;
24 ‘‘(8) develop, in coordination with the Assistant
25 Secretary for Infrastructure Protection, other Fed96
HEN12160 S.L.C.
1 eral agencies, the private sector, and State and local
2 governments a national incident response plan that
3 details the roles of Federal agencies, State and local
4 governments, and the private sector, and coordinate
5 national cyber incident response efforts;
6 ‘‘(9) consult, in coordination with the Secretary
7 of State, with appropriate international partners to
8 enhance the security of the Federal information in9
frastructure, national information infrastructure,
10 and information infrastructure located outside the
11 United States the disruption of which could result in
12 national or regional catastrophic damage in the
13 United States; and
14 ‘‘(10) coordinate the activities undertaken by
15 Federal agencies to—
16 ‘‘(A) protect Federal information infra17
structure and national information infrastruc18
ture; and
19 ‘‘(B) prepare the Nation to respond to, re20
cover from, and mitigate against risks of inci21
dents involving such infrastructure; and
22 ‘‘(11) perform such other duties as the Sec23
retary may require relating to the security and resil24
iency of the Federal information infrastructure, na25
tional information infrastructure, and national secu97
HEN12160 S.L.C.
1 rity and emergency preparedness communications in2
frastructure of the United States.
3 ‘‘(f) USE OF EXISTING MECHANISMS FOR COLLABO4
RATION.—To avoid unnecessary duplication or waste, in
5 carrying out the authorities and responsibilities of the
6 Center under this subtitle, to the maximum extent prac7
ticable, the Director of the Center shall make use of exist8
ing mechanisms for collaboration and information sharing,
9 including mechanisms relating to the identification and
10 communication of cybersecurity threats, vulnerabilities,
11 and associated consequences, established by other compo12
nents of the Department or other Federal agencies and
13 the information sharing mechanisms established under
14 title VII of the Cybersecurity Act of 2012.
15 ‘‘(g) DEPUTY DIRECTORS.—
16 ‘‘(1) IN GENERAL.—There shall be a Deputy
17 Director appointed by the Secretary, who shall—
18 ‘‘(A) have expertise in infrastructure pro19
tection; and
20 ‘‘(B) ensure that the operations of the
21 Center and the Office of Infrastructure Protec22
tion avoid duplication and use, to the maximum
23 extent practicable, joint mechanisms for infor24
mation sharing and coordination with the pri25
vate sector.
98
HEN12160 S.L.C.
1 ‘‘(2) INTELLIGENCE COMMUNITY.—The Direc2
tor of National Intelligence, with the concurrence of
3 the Secretary, shall identify an employee of an ele4
ment of the intelligence community to serve as a
5 Deputy Director of the Center. The employee shall
6 be detailed to the Center on a reimbursable basis for
7 such period as is agreed to by the Director of the
8 Center and the Director of National Intelligence,
9 and, while serving as Deputy Director, shall report
10 directly to the Director of the Center.
11 ‘‘(h) CYBERSECURITY EXERCISE PROGRAM.—The
12 Director of the Center shall develop and implement a na13
tional cybersecurity exercise program with the participa14
tion of State and local governments, international partners
15 of the United States, and the private sector.
16 ‘‘(i) LIAISON OFFICERS.—
17 ‘‘(1) REQUIRED DETAIL OF LIAISON OFFI18
CERS.—The Secretary of Defense, the Attorney Gen19
eral, the Secretary of Commerce, and the Director of
20 National Intelligence shall assign personnel to the
21 Center to act as full-time liaisons.
22 ‘‘(2) OPTIONAL DETAIL OF LIAISON OFFI23
CERS.—The head of any Federal agency not de24
scribed in paragraph (1), with the concurrence of
99
HEN12160 S.L.C.
1 the Director of the Center, may assign personnel to
2 the Center to act as liaisons.
3 ‘‘(3) PRIVATE SECTOR LIAISON.—The Director
4 of the Center shall designate not less than 1 em5
ployee of the Center to serve as a liaison with the
6 private sector.
7 ‘‘(j) PRIVACY OFFICER.—The Director of the Center,
8 in consultation with the Secretary, shall designate a full9
time privacy officer.
10 ‘‘(k) SUFFICIENCY OF RESOURCES PLAN.—
11 ‘‘(1) REPORT.—Not later than 120 days after
12 the date of enactment of the Cybersecurity Act of
13 2012, the Director of the Office of Management and
14 Budget shall submit to the appropriate committees
15 of Congress and the Comptroller General of the
16 United States a report on the resources and staff
17 necessary to carry out fully the responsibilities under
18 this subtitle, including the availability of existing re19
sources and staff.
20 ‘‘(2) COMPTROLLER GENERAL REVIEW.—The
21 Comptroller General of the United States shall
22 evaluate the reasonableness and adequacy of the re23
port submitted by the Director of the Office of Man24
agement and Budget under paragraph (1) and sub100
HEN12160 S.L.C.
1 mit to the appropriate committees of Congress a re2
port regarding the same.
3 ‘‘(l) NO RIGHT OR BENEFIT.—The provision of as4
sistance or information under this section to governmental
5 or private entities that own or operate critical infrastruc6
ture shall be at the discretion of the Secretary. The provi7
sion of certain assistance or information to a governmental
8 or private entity pursuant to this section shall not create
9 a right or benefit, substantive or procedural, to similar
10 assistance or information for any other governmental or
11 private entity.
12 ‘‘SEC. 243. DEPARTMENT OF HOMELAND SECURITY INFOR13
MATION SHARING.
14 ‘‘(a) IN GENERAL.—
15 ‘‘(1) ASSESSMENT.—Not later than 180 days
16 after the date of enactment of the Cybersecurity Act
17 of 2012, the Director of the Center, in consultation
18 with the private sector, relevant government agen19
cies, and nongovernmental organizations, shall con20
duct an assessment of existing and proposed infor21
mation sharing models to identify best practices for
22 sharing information across government and with the
23 private sector, including through cybersecurity ex24
changes designated pursuant to section 703 of the
25 Cybersecurity Act of 2012.
101
HEN12160 S.L.C.
1 ‘‘(2) INFORMATION SHARING.—The Director of
2 the Center shall periodically review procedures estab3
lished under subsection (b) and the program estab4
lished in accordance with subsection (c) to ensure
5 that classified and unclassified cybersecurity infor6
mation, including information relating to threats,
7 vulnerabilities, traffic, trends, incidents, and other
8 anomalous activities affecting the Federal informa9
tion infrastructure, national information infrastruc10
ture, or information systems, are being appropriately
11 shared between and among appropriate Federal and
12 non-Federal entities, including Federal cybersecurity
13 centers, Federal and non-Federal network and secu14
rity operations centers, cybersecurity exchanges, and
15 non-Federal entities responsible for such information
16 systems.
17 ‘‘(b) FEDERAL AGENCIES.—
18 ‘‘(1) INFORMATION SHARING PROGRAM.—The
19 Director of the Center, in consultation with the
20 members of the Chief Information Officers Council
21 established under section 3603 of title 44, United
22 States Code, shall establish a program for sharing
23 information with and between the Center and other
24 Federal agencies that includes processes and proce25
dures—
102
HEN12160 S.L.C.
1 ‘‘(A) under which the Director of the Cen2
ter regularly shares with each Federal agency
3 analyses and reports regarding the security of
4 such agency information infrastructure and on
5 the overall security of the Federal information
6 infrastructure and information infrastructure
7 that is owned, operated, controlled, or licensed
8 for use by, or on behalf of, the Department of
9 Defense, a military department, or another ele10
ment of the intelligence community, which shall
11 include means and methods of preventing, re12
sponding to, mitigating, and remediating cyber13
security threats and vulnerabilities; and
14 ‘‘(B) under which Federal agencies provide
15 the Director of the Center, upon request, with
16 information concerning the security of the Fed17
eral information infrastructure, information in18
frastructure that is owned, operated, controlled,
19 or licensed for use by, or on behalf of, the De20
partment of Defense, a military department, or
21 another element of the intelligence community,
22 or the national information infrastructure nec23
essary to carry out the duties of the Director of
24 the Center under this subtitle or any other pro25
vision of law.
103
HEN12160 S.L.C.
1 ‘‘(2) ACCESS TO INFORMATION.—
2 ‘‘(A) IN GENERAL.—The Director of the
3 Center shall ensure—
4 ‘‘(i) that the head of each Federal
5 agency has timely access to data, including
6 appropriate raw and processed data, re7
garding the information infrastructure of
8 the Federal agency; and
9 ‘‘(ii) to the greatest extent possible,
10 that the head of each Federal agency is
11 kept apprised of common trends in security
12 compliance as well as the likelihood that a
13 significant cybersecurity risk or incident
14 could cause damage to the agency informa15
tion infrastructure.
16 ‘‘(B) COMPLIANCE.—The head of a Fed17
eral agency shall comply with all processes and
18 procedures established under this subsection re19
garding notification to the Director of the Cen20
ter relating to incidents.
21 ‘‘(C) IMMEDIATE NOTIFICATION RE22
QUIRED.—Unless otherwise directed by the
23 President, any Federal agency with a national
24 security system shall, consistent with the level
25 of the risk, immediately notify the Director of
104
HEN12160 S.L.C.
1 the Center regarding any incident affecting the
2 security of a national security system.
3 ‘‘(c) PRIVATE SECTOR, STATE AND LOCAL GOVERN4
MENTS, AND INTERNATIONAL PARTNERS.—
5 ‘‘(1) INFORMATION SHARING PROGRAM.—The
6 Director of the Center shall establish a program for
7 sharing cybersecurity threat and vulnerability infor8
mation in support of activities under section
9 242(e)(1) between the Center, cybersecurity ex10
changes designated pursuant to section 703 of the
11 Cybersecurity Act of 2012, State and local govern12
ments, the private sector, and international partners,
13 which shall include processes and procedures that—
14 ‘‘(A) expand and enhance the sharing of
15 timely and actionable cybersecurity threat and
16 vulnerability information by the Federal Gov17
ernment with owners and operators of the na18
tional information infrastructure;
19 ‘‘(B) establish criteria under which owners
20 or operators of covered critical infrastructure
21 information systems shall share information
22 about incidents affecting covered critical infra23
structure, and other relevant data with the Fed24
eral Government;
105
HEN12160 S.L.C.
1 ‘‘(C) ensure voluntary information sharing
2 with and from the private sector, State and
3 local governments, and international partners of
4 the United States on—
5 ‘‘(i) cybersecurity threats,
6 vulnerabilities, incidents, and anomalous
7 activities affecting the national information
8 infrastructure; and
9 ‘‘(ii) means and methods of identi10
fying, preventing, responding to, mitigating
11 and remediating cybersecurity threats, and
12 vulnerabilities;
13 ‘‘(D) establish a method of accessing clas14
sified or unclassified information, as appro15
priate and in accordance with applicable laws
16 protecting trade secrets, that will provide situa17
tional awareness of the security of the Federal
18 information infrastructure and the national in19
formation infrastructure relating to cybersecu20
rity threats, and vulnerabilities, including traf21
fic, trends, incidents, damage, and other anom22
alous activities affecting the Federal informa23
tion infrastructure or the national information
24 infrastructure;
106
HEN12160 S.L.C.
1 ‘‘(E) establish guidance on the form, con2
tent, and priority of incident reports that shall
3 be submitted under subsection (c)(1)(B), which
4 shall—
5 ‘‘(i) include appropriate mechanisms
6 to protect personally identifiable informa7
tion; and
8 ‘‘(ii) prioritize the reporting of inci9
dents based on the risk the incident poses
10 to the disruption of the reliable operation
11 of the covered critical infrastructure; and
12 ‘‘(F) establish a procedure for notifying an
13 information technology provider if a vulner14
ability is detected in the product or service pro15
duced by the information technology provider
16 and, where possible, working with the informa17
tion technology provider to remediate the vul18
nerability before any public disclosure of the
19 vulnerability so as to minimize the opportunity
20 for the vulnerability to be exploited.
21 ‘‘(2) COORDINATION.—In carrying out the du22
ties under this subsection, the Director of the Center
23 shall coordinate, as appropriate, with Federal and
24 non-Federal entities engaged in similar information
25 sharing efforts.
107
HEN12160 S.L.C.
1 ‘‘(3) EVALUATION OF ACCESS TO CLASSIFIED
2 INFORMATION.—The Director of the Center, in co3
ordination with the Director of National Intelligence,
4 shall conduct an annual evaluation of the sufficiency
5 of access to classified information by owners and op6
erators of national information infrastructure.
7 ‘‘(4) EVALUATION.—The Director of the Center
8 shall create and promote a mechanism for owners
9 and operators of national information infrastructure
10 to provide feedback about the operations of the Cen11
ter and recommendations for improvements of the
12 Center, including recommendations to improve the
13 sharing of classified and unclassified information.
14 ‘‘(5) GUIDELINES.—The Director of the Center,
15 in consultation with the Attorney General, the Direc16
tor of National Intelligence, and the Privacy Officer
17 established under section 242(j), shall develop guide18
lines to protect the privacy and civil liberties of
19 United States persons and intelligence sources and
20 methods, while carrying out this subsection.
21 ‘‘(d) VOLUNTARILY SHARED INFORMATION.—Cov22
ered information, as defined in section 107 of the Cyberse23
curity Act of 2012, submitted to the Center in accordance
24 with this subtitle shall be treated as voluntarily shared
25 critical infrastructure information under section 214, ex108
HEN12160 S.L.C.
1 cept that the requirement of section 214 that the informa2
tion be voluntarily submitted, including the requirement
3 for an express statement, shall not be required for submis4
sions of covered information.
5 ‘‘(e) LIMITATION ON USE OF VOLUNTARILY SUB6
MITTED INFORMATION FOR REGULATORY ENFORCEMENT
7 ACTIONS.—A Federal entity may not use information sub8
mitted under this subtitle as evidence in a regulatory en9
forcement action against the individual or entity that law10
fully submitted the information.
11 ‘‘SEC. 244. ACCESS TO INFORMATION.
12 ‘‘Unless otherwise directed by the President—
13 ‘‘(1) the Director of the Center shall have ac14
cess to, receive, and analyze law enforcement infor15
mation, intelligence information, terrorism informa16
tion, and any other information in the possession of
17 Federal agencies relevant to the security of the Fed18
eral information infrastructure, information infra19
structure that is owned, operated, controlled, or li20
censed for use by, or on behalf of, the Department
21 of Defense, a military department, or another ele22
ment of the intelligence community, or national in23
formation infrastructure and, consistent with appli24
cable law, may also receive such information, from
25 State and local governments (including law enforce109
HEN12160 S.L.C.
1 ment agencies), and private entities, including infor2
mation provided by any contractor to a Federal
3 agency regarding the security of the agency informa4
tion infrastructure; and
5 ‘‘(2) any Federal agency in possession of law
6 enforcement information, intelligence information,
7 terrorism information, or any other information rel8
evant to the security of the Federal information in9
frastructure, information infrastructure that is
10 owned, operated, controlled, or licensed for use by,
11 or on behalf of, the Department of Defense, a mili12
tary department, or another element of the intel13
ligence community, or national information infra14
structure shall provide that information to the Di15
rector of the Center in a timely manner.
16 ‘‘SEC. 245. NATIONAL CENTER FOR CYBERSECURITY AND
17 COMMUNICATIONS ACQUISITION AUTHORI18
TIES.
19 ‘‘(a) IN GENERAL.—The National Center for Cyber20
security and Communications is authorized to use the au21
thorities under subsections (c)(1) and (d)(1)(B) of section
22 2304 of title 10, United States Code, instead of the au23
thorities under subsections (a)(1) and (b)(2) of section
24 3304 of title 41, United States Code, subject to all other
110
HEN12160 S.L.C.
1 requirements of sections 3301 and 3304 of title 41, United
2 States Code.
3 ‘‘(b) GUIDELINES.—Not later than 90 days after the
4 date of enactment of the Cybersecurity Act of 2012, the
5 chief procurement officer of the Department of Homeland
6 Security shall issue guidelines for use of the authority
7 under subsection (a).
8 ‘‘(c) TERMINATION.—The National Center for Cyber9
security and Communications may not use the authority
10 under subsection (a) on and after the date that is 3 years
11 after the date of enactment of this Act.
12 ‘‘(d) REPORTING.—
13 ‘‘(1) IN GENERAL.—On a semiannual basis, the
14 Director of the Center shall submit a report on use
15 of the authority granted by subsection (a) to—
16 ‘‘(A) the Committee on Homeland Security
17 and Governmental Affairs of the Senate; and
18 ‘‘(B) the Committee on Homeland Security
19 of the House of Representatives.
20 ‘‘(2) CONTENTS.—Each report submitted under
21 paragraph (1) shall include, at a minimum—
22 ‘‘(A) the number of contract actions taken
23 under the authority under subsection (a) during
24 the period covered by the report; and
111
HEN12160 S.L.C.
1 ‘‘(B) for each contract action described in
2 subparagraph (A)—
3 ‘‘(i) the total dollar value of the con4
tract action;
5 ‘‘(ii) a summary of the market re6
search conducted by the National Center
7 for Cybersecurity and Communications, in8
cluding a list of all offerors who were con9
sidered and those who actually submitted
10 bids, in order to determine that use of the
11 authority was appropriate; and
12 ‘‘(iii) a copy of the justification and
13 approval documents required by section
14 3304(e) of title 41, United States Code.
15 ‘‘(3) CLASSIFIED ANNEX.—A report submitted
16 under this subsection shall be submitted in an un17
classified form, but may include a classified annex,
18 if necessary.
19 ‘‘SEC. 246. RECRUITMENT AND RETENTION PROGRAM FOR
20 THE NATIONAL CENTER FOR CYBERSECU21
RITY AND COMMUNICATIONS.
22 ‘‘(a) DEFINITIONS.—In this section:
23 ‘‘(1) COLLECTIVE BARGAINING AGREEMENT.—
24 The term ‘collective bargaining agreement’ has the
112
HEN12160 S.L.C.
1 meaning given that term in section 7103(a)(8) of
2 title 5, United States Code.
3 ‘‘(2) QUALIFIED EMPLOYEE.—The term ‘quali4
fied employee’ means an employee who performs
5 functions relating to the security of Federal systems
6 and critical information infrastructure.
7 ‘‘(b) GENERAL AUTHORITY.—
8 ‘‘(1) ESTABLISH POSITIONS, APPOINT PER9
SONNEL, AND FIX RATES OF PAY.—The Secretary
10 may exercise with respect to qualified employees of
11 the Department the same authority of that the Sec12
retary of Defense has with respect to civilian intel13
ligence personnel under sections 1601, 1602, and
14 1603 of title 10, United States Code, to establish as
15 positions in the excepted service, to appoint individ16
uals to those positions, and fix pay. Such authority
17 shall be exercised subject to the same conditions and
18 limitations applicable to the Secretary of Defense
19 with respect to civilian intelligence personnel of the
20 Department of Defense.
21 ‘‘(2) SCHOLARSHIP PROGRAM.—The Secretary
22 may exercise with respect to qualified employees of
23 the Department the same authority of the Secretary
24 of Defense has with respect to civilian personnel
25 under section 2200a of title 10, United States Code,
113
HEN12160 S.L.C.
1 to the same extent, and subject to the same condi2
tions and limitations, that the Secretary of Defense
3 may exercise such authority with respect to civilian
4 personnel of the Department of Defense.
5 ‘‘(3) PLAN FOR EXECUTION OF AUTHORI6
TIES.—Not later than 120 days after the date of en7
actment of this subtitle, the Secretary shall submit
8 a report to the appropriate committees of Congress
9 with a plan for the use of the authorities provided
10 under this subsection.
11 ‘‘(4) COLLECTIVE BARGAINING AGREEMENTS.—
12 Nothing in paragraph (1) may be construed to im13
pair the continued effectiveness of a collective bar14
gaining agreement with respect to an office, compo15
nent, subcomponent, or equivalent of the Depart16
ment that is a successor to an office, component,
17 subcomponent, or equivalent of the Department cov18
ered by the agreement before the succession.
19 ‘‘(5) REQUIRED REGULATIONS.—The Secretary,
20 in coordination with the Director of the Center and
21 the Director of the Office of Personnel Management,
22 shall prescribe regulations for the administration of
23 this section.
24 ‘‘(c) MERIT SYSTEM PRINCIPLES AND CIVIL SERV25
ICE PROTECTIONS: APPLICABILITY.—
114
HEN12160 S.L.C.
1 ‘‘(1) APPLICABILITY OF MERIT SYSTEM PRIN2
CIPLES.—The Secretary shall exercise the authority
3 under subsection (b) in a manner consistent with the
4 merit system principles set forth in section 2301 of
5 title 5, United States Code.
6 ‘‘(2) CIVIL SERVICE PROTECTIONS.—Section
7 1221, section 2302, and chapter 75 of title 5,
8 United States Code, shall apply to the positions es9
tablished under subsection (b)(1).
10 ‘‘(d) REQUIREMENTS.—Before the initial exercise of
11 any authority authorized under subsection (b)(1) the Sec12
retary shall—
13 ‘‘(1) seek input from affected employees, and
14 the union representatives of affected employees as
15 applicable, and Federal manager and professional
16 associations into the design and implementation of a
17 fair, credible, and transparent system for exercising
18 any authority under subsection (b)(1);
19 ‘‘(2) make a good faith attempt to resolve any
20 employee concerns regarding proposed changes in
21 conditions of employment through discussions with
22 the groups described in paragraph (1);
23 ‘‘(3) develop a program to provide training to
24 supervisors of cybersecurity employees at the De25
partment on the use of the new authorities, includ115
HEN12160 S.L.C.
1 ing actions, options, and strategies a supervisor may
2 use in—
3 ‘‘(A) developing and discussing relevant
4 goals and objectives with the employee, commu5
nicating and discussing progress relative to per6
formance goals and objectives, and conducting
7 performance appraisals;
8 ‘‘(B) mentoring and motivating employees,
9 and improving employee performance and pro10
ductivity;
11 ‘‘(C) fostering a work environment charac12
terized by fairness, respect, equal opportunity,
13 and attention to the quality of work of the em14
ployees;
15 ‘‘(D) effectively managing employees with
16 unacceptable performance;
17 ‘‘(E) addressing reports of a hostile work
18 environment, reprisal, or harassment of or by
19 another supervisor or employee; and
20 ‘‘(F) otherwise carrying out the duties and
21 responsibilities of a supervisor;
22 ‘‘(4) develop a program to provide training to
23 supervisors of cybersecurity employees at the De24
partment on the prohibited personnel practices
25 under section 2302 of title 5, United States Code,
116
HEN12160 S.L.C.
1 (particularly with respect to the practices described
2 in paragraphs (1) and (8) of section 2302(b) of title
3 5, United States Code), employee collective bar4
gaining and union participation rights, and the pro5
cedures and processes used to enforce employee
6 rights; and
7 ‘‘(5) develop a program under which experi8
enced supervisors mentor new supervisors by—
9 ‘‘(A) sharing knowledge and advice in
10 areas such as communication, critical thinking,
11 responsibility, flexibility, motivating employees,
12 teamwork, leadership, and professional develop13
ment; and
14 ‘‘(B) pointing out strengths and areas for
15 development.
16 ‘‘(e) SUPERVISOR REQUIREMENT.—
17 ‘‘(1) IN GENERAL.—Except as provided in para18
graph (2), not later than 1 year after the date of en19
actment of the Cybersecurity Act of 2012 and every
20 3 years thereafter, every supervisor of cybersecurity
21 employees at the Department shall complete the pro22
grams established under paragraphs (3) and (4) of
23 subsection (d).
24 ‘‘(2) EXCEPTION.—A supervisor of cybersecu25
rity employees at the Department who is appointed
117
HEN12160 S.L.C.
1 after the date of enactment of the Cybersecurity Act
2 of 2012 shall complete the programs established
3 under paragraphs (3) and (4) of subsection (d) not
4 later than 1 year after the date on which the super5
visor is appointed to the position, and every 3 years
6 thereafter.
7 ‘‘(3) ONGOING PARTICIPATION.—Participation
8 by supervisors of cybersecurity employees at the De9
partment in the program established under sub10
section (d)(5) shall be ongoing.
11 ‘‘(f) CONVERSION TO COMPETITIVE SERVICE.—In
12 consultation with the Director of the Center, the Secretary
13 may grant competitive civil service status to a qualified
14 employee appointed to the excepted service under sub15
section (b) if that employee is employed in the Center or
16 is transferring to the Center.
17 ‘‘(g) ANNUAL REPORT.—Not later than 1 year after
18 the date of enactment of this subtitle, and every year
19 thereafter for 4 years, the Secretary shall submit to the
20 appropriate committees of Congress a detailed report
21 that—
22 ‘‘(1) discusses the process used by the Sec23
retary in accepting applications, assessing can24
didates, ensuring adherence to veterans’ preference,
118
HEN12160 S.L.C.
1 and selecting applicants for vacancies to be filled by
2 a qualified employee;
3 ‘‘(2) describes—
4 ‘‘(A) how the Secretary plans to fulfill the
5 critical need of the Department to recruit and
6 retain qualified employees;
7 ‘‘(B) the measures that will be used to
8 measure progress; and
9 ‘‘(C) any actions taken during the report10
ing period to fulfill such critical need;
11 ‘‘(3) discusses how the planning and actions
12 taken under paragraph (2) are integrated into the
13 strategic workforce planning of the Department;
14 ‘‘(4) provides metrics on actions occurring dur15
ing the reporting period, including—
16 ‘‘(A) the number of qualified employees
17 hired by occupation and grade and level or pay
18 band;
19 ‘‘(B) the total number of veterans hired;
20 ‘‘(C) the number of separations of qualified
21 employees by occupation and grade and level or
22 pay band;
23 ‘‘(D) the number of retirements of quali24
fied employees by occupation and grade and
25 level or pay band; and
119
HEN12160 S.L.C.
1 ‘‘(E) the number and amounts of recruit2
ment, relocation, and retention incentives paid
3 to qualified employees by occupation and grade
4 and level or pay band.
5 ‘‘SEC. 247. PROHIBITED CONDUCT.
6 ‘‘None of the authorities provided under this subtitle
7 shall authorize the Director of the Center, the Center, the
8 Department, or any other Federal entity to—
9 ‘‘(1) compel the disclosure of information from
10 a private entity relating to an incident unless other11
wise authorized by law; or
12 ‘‘(2) intercept a wire, oral, or electronic commu13
nication (as those terms are defined in section 2510
14 of title 18, United States Code), access a stored
15 electronic or wire communication, install or use a
16 pen register or trap and trace device, or conduct
17 electronic surveillance (as defined in section 101 of
18 the Foreign Intelligence Surveillance Act of 1978
19 (50 U.S.C.1801)) relating to an incident unless oth20
erwise authorized under chapter 119, chapter 121,
21 or chapter 206 of title 18, United States Code, or
22 the Foreign Intelligence Surveillance Act of 1978
23 (50 U.S.C. 1801 et seq.).’’.
24 (b) TECHNICAL AND CONFORMING AMENDMENT.—
25 The table of contents in section 1(b) of the Homeland Se120
HEN12160 S.L.C.
1 curity Act of 2002 (6 U.S.C. 101 et seq.) is amended by
2 inserting after the item relating to section 237 the fol3
lowing:
‘‘Subtitle E—Cybersecurity
‘‘Sec. 241. Definitions.
‘‘Sec. 242. Consolidation of existing resources.
‘‘Sec. 243. Department of Homeland Security information sharing.
‘‘Sec. 244. Access to information.
‘‘Sec. 245. National Center for Cybersecurity and Communications acquisition
authorities.
‘‘Sec. 246. Recruitment and retention program for the National Center for Cybersecurity
and Communications.
‘‘Sec. 247. Prohibited conduct.’’.
4 TITLE IV—EDUCATION, RE5
CRUITMENT, AND WORK6
FORCE DEVELOPMENT
7 SEC. 401. DEFINITIONS.
8 In this title:
9 (1) CYBERSECURITY MISSION.—The term ‘‘cy10
bersecurity mission’’ means activities that encom11
pass the full range of threat reduction, vulnerability
12 reduction, deterrence, international engagement, in13
cident response, resiliency, and recovery policies and
14 activities, including computer network operations, in15
formation assurance, law enforcement, diplomacy,
16 military, and intelligence missions as such activities
17 relate to the security and stability of cyberspace.
18 (2) CYBERSECURITY MISSION OF A FEDERAL
19 AGENCY.—The term ‘‘cybersecurity mission of a
20 Federal agency’’ means the portion of a cybersecu121
HEN12160 S.L.C.
1 rity mission that is the responsibility of a Federal
2 agency.
3 SEC. 402. NATIONAL EDUCATION AND AWARENESS CAM4
PAIGN.
5 (a) IN GENERAL.—The Secretary, in consultation
6 with appropriate Federal agencies shall develop and imple7
ment outreach and awareness programs on cybersecurity,
8 including—
9 (1) in consultation with the Director of the Na10
tional Institute of Standards and Technology—
11 (A) a public education campaign to in12
crease the awareness of cybersecurity, cyber
13 safety, and cyber ethics, which shall include the
14 use of the Internet, social media, entertainment,
15 and other media to reach the public; and
16 (B) an education campaign to increase the
17 understanding of State and local governments
18 and private sector entities of the benefits of en19
suring effective risk management of the infor20
mation infrastructure versus the costs of failure
21 to do so and methods to mitigate and remediate
22 vulnerabilities; and
23 (2) in coordination with the Secretary of Com24
merce, development of a program to publicly recog25
nize or identify products, services, and companies,
122
HEN12160 S.L.C.
1 including owners and operators, that meet the high2
est standards of cybersecurity.
3 (b) CONSIDERATIONS.—In carrying out the authority
4 described in subsection (a), the Secretary of Commerce,
5 the Secretary, and the Director of the National Institute
6 of Standards and Technology shall leverage existing pro7
grams designed to inform the public of safety and security
8 of products or services, including self-certifications and
9 independently-verified assessments regarding the quan10
tification and valuation of information security risk.
11 SEC. 403. NATIONAL CYBERSECURITY COMPETITION AND
12 CHALLENGE.
13 (a) TALENT COMPETITION AND CHALLENGE.—
14 (1) IN GENERAL.—The Secretary of Homeland
15 Security and the Secretary of Commerce shall estab16
lish a program to conduct competitions and chal17
lenges and ensure the effective operation of national
18 and statewide competitions and challenges that seek
19 to identify, develop, and recruit talented individuals
20 to work in Federal agencies, State and local govern21
ment agencies, and the private sector to perform du22
ties relating to the security of the Federal informa23
tion infrastructure or the national information infra24
structure.
123
HEN12160 S.L.C.
1 (2) PARTICIPATION.—Participants in the com2
petitions and challenges of the program established
3 under paragraph (1) shall include—
4 (A) students enrolled in grades 9 through
5 12;
6 (B) students enrolled in a postsecondary
7 program of study leading to a baccalaureate de8
gree at an institution of higher education;
9 (C) students enrolled in a
10 postbaccalaureate program of study leading to
11 an institution of higher education;
12 (D) institutions of higher education and
13 research institutions;
14 (E) veterans; and
15 (F) other groups or individuals as the Sec16
retary of Homeland Security and the Secretary
17 of Commerce determine appropriate.
18 (3) SUPPORT OF OTHER COMPETITIONS AND
19 CHALLENGES.—The program established under
20 paragraph (1) may support other competitions and
21 challenges not established under this subsection
22 through affiliation and cooperative agreements
23 with—
24 (A) Federal agencies;
124
HEN12160 S.L.C.
1 (B) regional, State, or school programs
2 supporting the development of cyber profes3
sionals;
4 (C) State, local, and tribal governments; or
5 (D) other private sector organizations.
6 (4) AREAS OF TALENT.—The program estab7
lished under paragraph (1) shall seek to identify, de8
velop, and recruit exceptional talent relating to—
9 (A) ethical hacking;
10 (B) penetration testing;
11 (C) vulnerability assessment;
12 (D) continuity of system operations;
13 (E) cyber forensics;
14 (F) offensive and defensive cyber oper15
ations; and
16 (G) other areas to fulfill the cybersecurity
17 mission as the Director determines appropriate.
18 (5) INTERNSHIPS.—The Director of the Office
19 of Personnel Management shall establish, in coordi20
nation with the Director of the National Center for
21 Cybersecurity and Communications, a program to
22 provide, where appropriate, internships or other
23 work experience in the Federal government to the
24 winners of the competitions and challenges.
125
HEN12160 S.L.C.
1 (b) NATIONAL RESEARCH AND DEVELOPMENT COM2
PETITION AND CHALLENGE.—
3 (1) IN GENERAL.—The Director of the National
4 Science Foundation, in consultation with appropriate
5 Federal agencies, shall establish a program of cyber6
security competitions and challenges to stimulate in7
novation in basic and applied cybersecurity research,
8 technology development, and prototype demonstra9
tion that has the potential for application to the in10
formation technology activities of the Federal Gov11
ernment.
12 (2) PARTICIPATION.—Participants in the com13
petitions and challenges of the program established
14 under paragraph (1) shall include—
15 (A) students enrolled in grades 9 through
16 12;
17 (B) students enrolled in a postsecondary
18 program of study leading to a baccalaureate de19
gree at an institution of higher education;
20 (C) students enrolled in a
21 postbaccalaureate program of study leading to
22 an institution of higher education;
23 (D) institutions of higher education and
24 research institutions;
25 (E) veterans; and
126
HEN12160 S.L.C.
1 (F) other groups or individuals as the Di2
rector of the National Science Foundation de3
termines appropriate.
4 (3) TOPICS.—In selecting topics for competi5
tions and challenges held as part of the program es6
tablished under paragraph (1), the Director—
7 (A) shall consult widely both within and
8 outside the Federal Government; and
9 (B) may empanel advisory committees.
10 (4) INTERNSHIPS.—The Director of the Office
11 of Personnel Management shall establish, in coordi12
nation with the Director of the National Science
13 Foundation, a program to provide, where appro14
priate, internships or other work experience in the
15 Federal government to the winners of the competi16
tions and challenges held as part of the program es17
tablished under paragraph (1).
18 SEC. 404. FEDERAL CYBER SCHOLARSHIP-FOR-SERVICE
19 PROGRAM.
20 (a) IN GENERAL.—The Director of the National
21 Science Foundation, in coordination with the Secretary,
22 shall establish a Federal Cyber Scholarship-for-Service
23 program to recruit and train the next generation of infor24
mation technology professionals, industry control system
25 security professionals, and security managers to meet the
127
HEN12160 S.L.C.
1 needs of the cybersecurity mission for the Federal Govern2
ment and State, local, and tribal governments.
3 (b) PROGRAM DESCRIPTION AND COMPONENTS.—
4 The program established under subsection (a) shall—
5 (1) incorporate findings from the assessment
6 and development of the strategy under section 405;
7 (2) provide not more than 1,000 scholarships
8 per year, to students who are enrolled in a program
9 of study at an institution of higher education leading
10 to a degree or specialized program certification in
11 the cybersecurity field, in an amount that covers
12 each student’s tuition and fees at the institution and
13 provides the student with an additional stipend;
14 (3) require each scholarship recipient, as a con15
dition of receiving a scholarship under the program,
16 to enter into an agreement under which the recipient
17 agrees to work in the cybersecurity mission of a
18 Federal, State, local, or tribal agency for a period
19 equal to the length of the scholarship following re20
ceipt of the student’s degree if offered employment
21 in that field by a Federal, State, local, or tribal
22 agency;
23 (4) provide a procedure by which the National
24 Science Foundation or a Federal agency may, con25
sistent with regulations of the Office of Personnel
128
HEN12160 S.L.C.
1 Management, request and fund security clearances
2 for scholarship recipients, including providing for
3 clearances during summer internships and after the
4 recipient receives the degree; and
5 (5) provide opportunities for students to receive
6 temporary appointments for meaningful employment
7 in the cybersecurity mission of a Federal agency
8 during school vacation periods and for internships.
9 (c) HIRING AUTHORITY.—
10 (1) IN GENERAL.—For purposes of any law or
11 regulation governing the appointment of individuals
12 in the Federal civil service, upon receiving a degree
13 for which an individual received a scholarship under
14 this section, the individual shall be—
15 (A) hired under the authority provided for
16 in section 213.3102(r) of title 5, Code of Fed17
eral Regulations; and
18 (B) exempt from competitive service.
19 (2) COMPETITIVE SERVICE POSITION.—Upon
20 satisfactory fulfillment of the service term of an in21
dividual hired under paragraph (1), the individual
22 may be converted to a competitive service position
23 without competition if the individual meets the re24
quirements for that position.
129
HEN12160 S.L.C.
1 (d) ELIGIBILITY.—To be eligible to receive a scholar2
ship under this section, an individual shall—
3 (1) be a citizen or lawful permanent resident of
4 the United States;
5 (2) demonstrate a commitment to a career in
6 improving the security of information infrastructure;
7 and
8 (3) have demonstrated a high level of pro9
ficiency in mathematics, engineering, or computer
10 sciences.
11 (e) REPAYMENT.—If a recipient of a scholarship
12 under this section does not meet the terms of the scholar13
ship program, the recipient shall refund the scholarship
14 payments in accordance with rules established by the Di15
rector of the National Science Foundation, in coordination
16 with the Secretary.
17 (f) EVALUATION AND REPORT.—The Director of the
18 National Science Foundation shall evaluate and report pe19
riodically to Congress on the success of recruiting individ20
uals for the scholarships and on hiring and retaining those
21 individuals in the public sector workforce.
22 SEC. 405. ASSESSMENT OF CYBERSECURITY FEDERAL
23 WORKFORCE.
24 (a) IN GENERAL.—The Director of the Office of Per25
sonnel Management and the Secretary, in coordination
130
HEN12160 S.L.C.
1 with the Director of National Intelligence, the Secretary
2 of Defense, and the Chief Information Officers Council es3
tablished under section 3603 of title 44, United States
4 Code, shall assess the readiness and capacity of the Fed5
eral workforce to meet the needs of the cybersecurity mis6
sion of the Federal Government.
7 (b) STRATEGY.—
8 (1) IN GENERAL.—Not later than 180 days
9 after the date of enactment of this Act, the Director
10 of the Office of Personnel Management, in consulta11
tion with the Director of the National Center for Cy12
bersecurity and Communications and the Director of
13 the Office of Management and Budget, shall develop
14 a comprehensive workforce strategy that enhances
15 the readiness, capacity, training, and recruitment
16 and retention of cybersecurity personnel of the Fed17
eral Government.
18 (2) CONTENTS.—The strategy developed under
19 paragraph (1) shall include—
20 (A) a 5-year plan on recruitment of per21
sonnel for the Federal workforce; and
22 (B) a 10-year projections of Federal work23
force needs.
24 (c) UPDATES.—The Director of the Office of Per25
sonnel Management, in consultation with the Director of
131
HEN12160 S.L.C.
1 the National Center for Cybersecurity and Communica2
tions and the Director of the Office of Management and
3 Budget, shall update the strategy developed under sub4
section (b) as needed.
5 SEC. 406. FEDERAL CYBERSECURITY OCCUPATION CLASSI6
FICATIONS.
7 (a) IN GENERAL.—Not later than 1 year after the
8 date of enactment of this Act, the Director of the Office
9 of Personnel Management, in coordination with the Direc10
tor of the National Center for Cybersecurity and Commu11
nications, shall develop and issue comprehensive occupa12
tion classifications for Federal employees engaged in cy13
bersecurity missions.
14 (b) APPLICABILITY OF CLASSIFICATIONS.—The Di15
rector of the Office of Personnel Management shall ensure
16 that the comprehensive occupation classifications issued
17 under subsection (a) may be used throughout the Federal
18 Government.
19 SEC. 407. TRAINING AND EDUCATION.
20 (a) DEFINITION.—In this section, the term ‘‘agency
21 information infrastructure’’ means the Federal informa22
tion infrastructure of a Federal agency.
23 (b) TRAINING.—
24 (1) FEDERAL GOVERNMENT EMPLOYEES AND
25 FEDERAL CONTRACTORS.—The Director of the Of132
HEN12160 S.L.C.
1 fice of Personnel Management, in coordination with
2 the Secretary, the Director of National Intelligence,
3 the Secretary of Defense, and the Chief Information
4 Officers Council established under section 3603 of
5 title 44, United States Code, shall establish a cyber6
security awareness and education curriculum that
7 shall be required for all Federal employees and con8
tractors engaged in the design, development, or op9
eration of an agency information infrastructure or
10 the Federal information infrastructure.
11 (2) CONTENTS.—The curriculum established
12 under paragraph (1) shall include, at a minimum—
13 (A) role-based security awareness training;
14 (B) recommended cybersecurity practices;
15 (C) cybersecurity recommendations for
16 traveling abroad;
17 (D) unclassified counterintelligence infor18
mation;
19 (E) information regarding industrial espio20
nage;
21 (F) information regarding malicious activ22
ity online;
23 (G) information regarding cybersecurity
24 and law enforcement;
25 (H) identity management information;
133
HEN12160 S.L.C.
1 (I) information regarding supply chain se2
curity;
3 (J) information security risks associated
4 with the activities of Federal employees and
5 contractors; and
6 (K) the responsibilities of Federal employ7
ees and contractors in complying with policies
8 and procedures designed to reduce information
9 security risks identified under subparagraph
10 (J).
11 (3) FEDERAL CYBERSECURITY PROFES12
SIONALS.—The Director of the Office of Personnel
13 Management in conjunction with the Secretary, the
14 Director of National Intelligence, the Secretary of
15 Defense, the Director of the Office of Management
16 and Budget, and, as appropriate, colleges, univer17
sities, and nonprofit organizations with cybersecurity
18 training expertise, shall develop a program to pro19
vide training to improve and enhance the skills and
20 capabilities of Federal employees engaged in the cy21
bersecurity mission, including training specific to the
22 acquisition workforce.
23 (4) HEADS OF FEDERAL AGENCIES.—Not later
24 than 30 days after the date on which an individual
25 is appointed to a position at level I or II of the Ex134
HEN12160 S.L.C.
1 ecutive Schedule, the Secretary and the Director of
2 National Intelligence shall provide that individual
3 with a cybersecurity threat briefing.
4 (5) CERTIFICATION.—The head of each Federal
5 agency shall include in the annual report required
6 under section 3554(c) of title 44, United States
7 Code, as amended by this Act, a certification regard8
ing whether all employees and contractors of the
9 Federal agency have completed the training required
10 under this subsection.
11 (c) EDUCATION.—
12 (1) FEDERAL EMPLOYEES.—The Director of
13 the Office of Personnel Management, in coordination
14 with the Secretary of Education, the Director of the
15 National Science Foundation, and the Director of
16 the National Center for Cybersecurity and Commu17
nications, shall develop and implement a strategy to
18 provide Federal employees who work in cybersecurity
19 missions with the opportunity to obtain additional
20 education.
21 (2) K THROUGH 12 EDUCATION.—The Sec22
retary of Education, in coordination with the Direc23
tor of the National Center for Cybersecurity and
24 Communications and State and local governments,
25 shall develop model curriculum standards, guide135
HEN12160 S.L.C.
1 lines, and recommended courses to address cyber
2 safety, cybersecurity, and cyber ethics for students
3 in kindergarten through grade 12.
4 (3) INSTITUTIONS OF HIGHER EDUCATION AND
5 CAREER AND TECHNICAL INSTITUTIONS.—
6 (A) SECRETARY OF EDUCATION.—The
7 Secretary of Education, in coordination with
8 the Secretary, and after consultation with ap9
propriate private entities, shall—
10 (i) develop model curriculum stand11
ards and guidelines to address cyber safe12
ty, cybersecurity, and cyber ethics for all
13 students enrolled in institutions of higher
14 education, and all students enrolled in ca15
reer and technical institutions, in the
16 United States; and
17 (ii) analyze and develop recommended
18 courses for students interested in pursuing
19 careers in information technology, commu20
nications, computer science, engineering,
21 mathematics, and science, as those sub22
jects relate to cybersecurity.
23 (B) OFFICE OF PERSONNEL MANAGE24
MENT.—The Director of the Office of Personnel
25 Management, in coordination with the Director
136
HEN12160 S.L.C.
1 of the National Center for Cybersecurity and
2 Communications, shall develop strategies and
3 programs—
4 (i) to recruit students enrolled in in5
stitutions of higher education, and stu6
dents enrolled in career and technical insti7
tutions in the United States to serve as
8 Federal employees engaged in cybersecu9
rity missions; and
10 (ii) that provide internship and part11
time work opportunities with the Federal
12 Government for students enrolled in insti13
tutions of higher education and career and
14 technical institutions in the United States.
15 SEC. 408. CYBERSECURITY INCENTIVES.
16 The head of each Federal agency shall adopt best
17 practices, developed by the Office of Personnel Manage18
ment, regarding effective ways to educate and motivate
19 employees of the Federal Government to demonstrate
20 leadership in cybersecurity, including—
21 (1) promotions and other nonmonetary awards;
22 and
23 (2) publicizing information sharing accomplish24
ments by individual employees and, if appropriate,
25 the tangible benefits that resulted.
137
HEN12160 S.L.C.
1 TITLE V—RESEARCH AND
2 DEVELOPMENT
3 SEC. 501. FEDERAL CYBERSECURITY RESEARCH AND DE4
VELOPMENT.
5 (a) FUNDAMENTAL CYBERSECURITY RESEARCH.—
6 The Director of the Office of Science and Technology Pol7
icy (referred to in this section as the ‘‘Director’’), in co8
ordination with the Secretary and the head of any relevant
9 Federal agency, shall develop a national cybersecurity re10
search and development plan.
11 (b) REQUIREMENTS.—The plan required to be devel12
oped under subsection (a) shall encourage computer and
13 information science and engineering research to meet chal14
lenges in cybersecurity, including—
15 (1) how to design and build complex software16
intensive systems that are secure and reliable when
17 first deployed;
18 (2) how to test and verify that software, wheth19
er developed locally or obtained from a third party,
20 is free of significant known security flaws;
21 (3) how to test and verify that software ob22
tained from a third party correctly implements stat23
ed functionality, and only that functionality;
24 (4) how to guarantee the privacy of the iden25
tity, information, or lawful transactions of an indi138
HEN12160 S.L.C.
1 vidual when stored in distributed systems or trans2
mitted over networks;
3 (5) how to build new protocols to enable the
4 Internet to have robust security as one of the key
5 capabilities of the Internet;
6 (6) how to determine the origin of a message
7 transmitted over the Internet;
8 (7) how to support privacy in conjunction with
9 improved security;
10 (8) how to address the growing problem of in11
sider threat; and
12 (9) how improved consumer education and dig13
ital literacy initiatives can address human factors
14 that contribute to cybersecurity.
15 (c) SECURE CODING RESEARCH.—The Director shall
16 support research—
17 (1) that evaluates selected secure coding edu18
cation and improvement programs; and
19 (2) of new methods of integrating secure coding
20 improvement into the core curriculum of computer
21 science programs and of other programs where grad22
uates of such programs have a substantial prob23
ability of developing software after graduation.
24 (d) ASSESSMENT OF SECURE CODING EDUCATION IN
25 COLLEGES AND UNIVERSITIES.—
139
HEN12160 S.L.C.
1 (1) REPORT.—Not later than 1 year after the
2 date of enactment of this Act, the Director shall
3 submit to the Committee on Commerce, Science, and
4 Transportation of the Senate and the Committee on
5 Science and Technology of the House of Representa6
tives a report on the state of secure coding education
7 in institutions of higher education of the United
8 States for each institution that received National
9 Science Foundation funding in excess of $1,000,000
10 during fiscal year 2011.
11 (2) CONTENTS OF REPORT.—The report re12
quired under paragraph (1) shall include—
13 (A) the number of students who earned
14 baccalaureate degrees in computer science or in
15 each other program where graduates have a
16 substantial probability of being engaged in soft17
ware design or development after graduation;
18 (B) the percentage of the students de19
scribed in subparagraph (A) who completed
20 substantive secure coding education or improve21
ment programs during their undergraduate ex22
perience; and
23 (C) descriptions of the length and content
24 of the education and improvement programs
25 and an evaluation of the effectiveness of those
140
HEN12160 S.L.C.
1 programs based on the students’ scores on
2 standard tests of secure coding and design
3 skills.
4 (e) CYBERSECURITY MODELING AND TEST BEDS.—
5 (1) REVIEW.—Not later than 1 year after the
6 date of enactment of this Act, the Director shall
7 conduct a review of cybersecurity test beds in exist8
ence on the date of enactment of this Act.
9 (2) ESTABLISHMENT OF PROGRAM.—
10 (A) IN GENERAL.—Based on the results of
11 the review conducted under paragraph (1), the
12 Director shall establish a program to award
13 grants to institutions of higher education to es14
tablish cybersecurity test beds capable of real15
istic modeling of real-time cyber attacks and de16
fenses.
17 (B) REQUIREMENT.—The test beds estab18
lished under subparagraph (A) shall be suffi19
ciently large in order to model the scale and
20 complexity of real world networks and environ21
ments.
22 (3) PURPOSE.—The purpose of the program es23
tablished under paragraph (2) shall be to support
24 the rapid development of new cybersecurity defenses,
25 techniques, and processes by improving under141
HEN12160 S.L.C.
1 standing and assessing the latest technologies in a
2 real-world environment.
3 (f) COORDINATION WITH OTHER RESEARCH INITIA4
TIVES.—The Director shall—
5 (1) ensure that the research and development
6 program carried out under this section is consistent
7 with any strategy to increase the security and resil8
ience of cyberspace; and
9 (2) to the extent practicable, coordinate re10
search and development activities with other ongoing
11 research and development security-related initiatives,
12 including research being conducted by—
13 (A) the National Institute of Standards
14 and Technology;
15 (B) the Department;
16 (C) the National Academy of Sciences;
17 (D) other Federal agencies;
18 (E) other Federal and private research lab19
oratories, research entities, and universities and
20 institutions of higher education, and relevant
21 nonprofit organizations; and
22 (F) international partners of the United
23 States.
24 (g) NSF COMPUTER AND NETWORK SECURITY RE25
SEARCH GRANT AREAS.—Section 4(a)(1) of the Cyber Se142
HEN12160 S.L.C.
1 curity Research and Development Act (15 U.S.C.
2 7403(a)(1)) is amended—
3 (1) in subparagraph (H), by striking ‘‘and’’ at
4 the end;
5 (2) in subparagraph (I), by striking the period
6 at the end and inserting a semicolon; and
7 (3) by adding at the end the following:
8 ‘‘(J) secure fundamental protocols that are
9 at the heart of inter-network communications
10 and data exchange;
11 ‘‘(K) secure software engineering and soft12
ware assurance, including—
13 ‘‘(i) programming languages and sys14
tems that include fundamental security
15 features;
16 ‘‘(ii) portable or reusable code that re17
mains secure when deployed in various en18
vironments;
19 ‘‘(iii) verification and validation tech20
nologies to ensure that requirements and
21 specifications have been implemented; and
22 ‘‘(iv) models for comparison and
23 metrics to assure that required standards
24 have been met;
25 ‘‘(L) holistic system security that—
143
HEN12160 S.L.C.
1 ‘‘(i) addresses the building of secure
2 systems from trusted and untrusted com3
ponents;
4 ‘‘(ii) proactively reduces
5 vulnerabilities;
6 ‘‘(iii) addresses insider threats; and
7 ‘‘(iv) supports privacy in conjunction
8 with improved security;
9 ‘‘(M) monitoring and detection; and
10 ‘‘(N) mitigation and rapid recovery meth11
ods.’’.
12 (h) CYBERSECURITY FACULTY DEVELOPMENT
13 TRAINEESHIP PROGRAM.—Section 5(e)(9) of the Cyber
14 Security Research and Development Act (15 U.S.C.
15 7404(e)(9)) is amended by striking ‘‘2003 through 2007’’
16 and inserting ‘‘2012 through 2014’’.
17 (i) NETWORKING AND INFORMATION TECHNOLOGY
18 RESEARCH AND DEVELOPMENT PROGRAM.—Section
19 204(a)(1) of the High-Performance Computing Act of
20 1991 (15 U.S.C. 5524(a)(1)) is amended—
21 (1) in subparagraph (B), by striking ‘‘and’’ at
22 the end; and
23 (2) by adding at the end the following:
24 ‘‘(D) develop and propose standards and
25 guidelines, and develop measurement techniques
144
HEN12160 S.L.C.
1 and test methods, for enhanced cybersecurity
2 for computer networks and common user inter3
faces to systems; and’’.
4 SEC. 502. HOMELAND SECURITY CYBERSECURITY RE5
SEARCH AND DEVELOPMENT.
6 Subtitle D of title II of the Homeland Security Act
7 of 2002 (6 U.S.C. 161 et seq.) is amended by adding at
8 the end the following:
9 ‘‘SEC. 238. CYBERSECURITY RESEARCH AND DEVELOP10
MENT.
11 ‘‘(a) ESTABLISHMENT OF RESEARCH AND DEVELOP12
MENT PROGRAM.—The Under Secretary for Science and
13 Technology, in coordination with the Director of the Na14
tional Center for Cybersecurity and Communications, shall
15 carry out a research and development program for the
16 purpose of improving the security of information infra17
structure.
18 ‘‘(b) ELIGIBLE PROJECTS.—The research and devel19
opment program carried out under subsection (a) may in20
clude projects to—
21 ‘‘(1) advance the development and accelerate
22 the deployment of more secure versions of funda23
mental Internet protocols and architectures, includ24
ing for the secure domain name addressing system
25 and routing security;
145
HEN12160 S.L.C.
1 ‘‘(2) improve and create technologies for detect2
ing and analyzing attacks or intrusions, including
3 analysis of malicious software;
4 ‘‘(3) improve and create mitigation and recov5
ery methodologies, including techniques for contain6
ment of attacks and development of resilient net7
works and systems;
8 ‘‘(4) develop and support infrastructure and
9 tools to support cybersecurity research and develop10
ment efforts, including modeling, test beds, and data
11 sets for assessment of new cybersecurity tech12
nologies;
13 ‘‘(5) assist the development and support of
14 technologies to reduce vulnerabilities in process con15
trol systems;
16 ‘‘(6) understand human behavioral factors that
17 can affect cybersecurity technology and practices;
18 ‘‘(7) test, evaluate, and facilitate, with appro19
priate protections for any proprietary information
20 concerning the technologies, the transfer of tech21
nologies associated with the engineering of less vul22
nerable software and securing the information tech23
nology software development lifecycle;
24 ‘‘(8) assist the development of identity manage25
ment and attribution technologies;
146
HEN12160 S.L.C.
1 ‘‘(9) assist the development of technologies de2
signed to increase the security and resiliency of tele3
communications networks;
4 ‘‘(10) advance the protection of privacy and
5 civil liberties in cybersecurity technology and prac6
tices; and
7 ‘‘(11) address other risks identified by the Di8
rector of the National Center for Cybersecurity and
9 Communications.
10 ‘‘(c) COORDINATION WITH OTHER RESEARCH INI11
TIATIVES.—The Under Secretary for Science and Tech12
nology—
13 ‘‘(1) shall ensure that the research and develop14
ment program carried out under subsection (a) is
15 consistent with any strategy to increase the security
16 and resilience of cyberspace;
17 ‘‘(2) shall, to the extent practicable, coordinate
18 the research and development activities of the De19
partment with other ongoing research and develop20
ment security-related initiatives, including research
21 being conducted by—
22 ‘‘(A) the National Institute of Standards
23 and Technology;
24 ‘‘(B) the National Science Foundation;
25 ‘‘(C) the National Academy of Sciences;
147
HEN12160 S.L.C.
1 ‘‘(D) other Federal agencies;
2 ‘‘(E) other Federal and private research
3 laboratories, research entities, and universities
4 and institutions of higher education, and rel5
evant nonprofit organizations; and
6 ‘‘(F) international partners of the United
7 States;
8 ‘‘(3) shall carry out any research and develop9
ment project under subsection (a) through a reim10
bursable agreement with an appropriate Federal
11 agency, if the Federal agency—
12 ‘‘(A) is sponsoring a research and develop13
ment project in a similar area; or
14 ‘‘(B) has a unique facility or capability
15 that would be useful in carrying out the project;
16 ‘‘(4) may make grants to, or enter into coopera17
tive agreements, contracts, other transactions, or re18
imbursable agreements with, the entities described in
19 paragraph (2); and
20 ‘‘(5) shall submit a report to the appropriate
21 committees of Congress on a review of the cyberse22
curity activities, and the capacity, of the national
23 laboratories and other research entities available to
24 the Department to determine if the establishment of
148
HEN12160 S.L.C.
1 a national laboratory dedicated to cybersecurity re2
search and development is necessary.’’.
3 TITLE VI—FEDERAL ACQUISI4
TION RISK MANAGEMENT
5 STRATEGY
6 SEC. 601. FEDERAL ACQUISITION RISK MANAGEMENT
7 STRATEGY.
8 (a) IN GENERAL.—The Secretary, in coordination
9 with relevant private sector and academic experts and each
10 Federal entity described in paragraphs (1) through (9) of
11 subsection (b), shall develop and periodically update an ac12
quisition risk management strategy designed to ensure,
13 based on mission criticality and cost effectiveness, the se14
curity of the Federal information infrastructure.
15 (b) COORDINATION.—In developing the acquisition
16 risk management strategy required under subsection (a),
17 the Secretary shall coordinate with—
18 (1) the Secretary of Defense;
19 (2) the Secretary of Commerce;
20 (3) the Secretary of State;
21 (4) the Director of National Intelligence;
22 (5) the Administrator of General Services;
23 (6) the Administrator for Federal Procurement
24 Policy;
149
HEN12160 S.L.C.
1 (7) the members of the Chief Information Offi2
cers Council established under section 3603 of title
3 44, United States Code;
4 (8) the Chief Acquisition Officers Council estab5
lished under section 1311 of title 41, United States
6 Code; and
7 (9) the Chief Financial Officers Council estab8
lished under section 302 of the Chief Financial Offi9
cers Act of 1990 (31 U.S.C. 901 note).
10 (c) ELEMENTS.—The risk management strategy de11
veloped under subsection (a) shall—
12 (1) address risks in the acquisition of any part
13 of the Federal information infrastructure; and
14 (2) include developing processes that—
15 (A) incorporate all-source intelligence anal16
ysis into assessments of the integrity of the
17 supply chain for the Federal information infra18
structure;
19 (B) incorporate internationally recognized
20 standards, guidelines, and best practices, in21
cluding those developed by the private sector,
22 for supply chain integrity;
23 (C) enhance capabilities to test and evalu24
ate software and hardware within or for use in
25 the Federal information infrastructure, and,
150
HEN12160 S.L.C.
1 where appropriate, make the capabilities avail2
able for use by the private sector;
3 (D) protect the intellectual property and
4 trade secrets of suppliers of information and
5 communications technology products and serv6
ices;
7 (E) share with the private sector, to the
8 fullest extent possible, the risks identified in the
9 supply chain and working with the private sec10
tor to mitigate those threats as identified;
11 (F) identify specific acquisition practices of
12 Federal agencies that increase risks to the sup13
ply chain and develop a process to provide rec14
ommendations for revisions to those processes;
15 and
16 (G) to the maximum extent practicable,
17 promote the ability of Federal agencies to pro18
cure authentic commercial off-the-shelf informa19
tion and communications technology products
20 and services from a diverse pool of suppliers,
21 consistent with the preferences for the acquisi22
tion of commercial items under section 2377 of
23 title 10, United States Code, and section 3307
24 of title 41, United States Code.
151
HEN12160 S.L.C.
1 SEC. 602. AMENDMENTS TO CLINGER-COHEN PROVISIONS
2 TO ENHANCE AGENCY PLANNING FOR INFOR3
MATION SECURITY NEEDS.
4 Chapter 113 of title 40, United States Code, is
5 amended—
6 (1) in section 11302—
7 (A) in subsection (f), by striking ‘‘tech8
nology.’’ and inserting ‘‘technology, including
9 information technology or network information
10 security requirements.’’;
11 (B) in subsection (i)—
12 (i) by inserting ‘‘, including informa13
tion security requirements,’’ after ‘‘infor14
mation resources management’’; and
15 (ii) by adding at the end the fol16
lowing: ‘‘The Administrator for Federal
17 Procurement Policy, in coordination with
18 the Chief Information Officers Council and
19 the Federal Acquisition Institute, shall en20
sure that contracting officers and the indi21
viduals preparing descriptions of the Gov22
ernment requirements and statements of
23 work have adequate training in informa24
tion security requirements, including in in25
formation technology security contracts.’’;
152
HEN12160 S.L.C.
1 (C) in subsection (j), by adding at the end
2 the following: ‘‘The Director shall review and
3 report on possible impediments in the acquisi4
tion process or elsewhere that are acting to slow
5 agency uptake of the newest, most secure tech6
nologies.’’; and
7 (D) by adding at the end the following:
8 ‘‘(l) MULTIPLE AWARD SCHEDULE FOR INFORMA9
TION SECURITY.—The Administrator of General Services
10 shall develop a special item number under Schedule 70
11 for information security products and services and consoli12
date those products and services under that special item
13 number to promote acquisition.
14 ‘‘(m) REDUCING THE USE OF COUNTERFEIT PROD15
UCTS.—Not later than 180 days after the date of enact16
ment of the Cybersecurity Act of 2012, the Director shall
17 issue guidance requiring, to the extent practicable, Federal
18 agencies to purchase information technology products only
19 through the authorized channels or distributors of a sup20
plier.’’; and
21 (2) in section 11312(b)(3), by inserting ‘‘, in22
formation security improvement,’’ after ‘‘risk-ad23
justed return on investment’’.
153
HEN12160 S.L.C.
1 TITLE VII—INFORMATION
2 SHARING
3 SEC. 701. AFFIRMATIVE AUTHORITY TO MONITOR AND DE4
FEND AGAINST CYBERSECURITY THREATS.
5 Notwithstanding chapter 119, 121, or 206 of title 18,
6 United States Code, the Foreign Intelligence Surveillance
7 Act of 1978 (50 U.S.C. 1801 et seq.), and the Commu8
nications Act of 1934 (47 U.S.C. 151 et seq.), any private
9 entity may—
10 (1) monitor information systems of the entity
11 and information that is stored on, processed by, or
12 transiting the information systems for cybersecurity
13 threats;
14 (2) monitor a third party’s information systems
15 and information that is stored on, processed by, or
16 transiting the information systems for cybersecurity
17 threats, if the third party lawfully authorizes the
18 monitoring;
19 (3) operate countermeasures on information
20 systems of the entity to protect the information sys21
tems and information that is stored on, processed
22 by, or transiting the information systems; and
23 (4) operate countermeasures on a third party’s
24 information systems to protect the third party’s in25
formation systems and information that is stored on,
154
HEN12160 S.L.C.
1 processed by, or transiting the information systems,
2 if the third party lawfully authorizes the counter3
measures.
4 SEC. 702. VOLUNTARY DISCLOSURE OF CYBERSECURITY
5 THREAT INDICATORS AMONG PRIVATE ENTI6
TIES.
7 (a) AUTHORITY TO DISCLOSE.—Notwithstanding any
8 other provision of law, any private entity may disclose law9
fully obtained cybersecurity threat indicators to any other
10 private entity.
11 (b) USE AND PROTECTION OF INFORMATION.—A pri12
vate entity disclosing or receiving cybersecurity threat in13
dicators under subsection (a)—
14 (1) shall make reasonable efforts to safeguard
15 communications, records, system traffic, or other in16
formation that can be used to identify specific per17
sons from unauthorized access or acquisition;
18 (2) shall comply with any lawful restrictions
19 placed on the disclosure or use of cybersecurity
20 threat indicators by the disclosing entity, including,
21 if requested, the removal of information that can be
22 used to identify specific persons from such indica23
tors;
24 (3) may not use the cybersecurity threat indica25
tors to gain an unfair competitive advantage to the
155
HEN12160 S.L.C.
1 detriment of the entity that authorized such sharing;
2 and
3 (4) may only use, retain, or further disclose the
4 cybersecurity threat indicators for the purpose of
5 protecting an information system or information
6 that is stored on, processed by, or transiting an in7
formation system from cybersecurity threats or miti8
gating the threats.
9 SEC. 703. CYBERSECURITY EXCHANGES.
10 (a) DESIGNATION OF CYBERSECURITY EX11
CHANGES.—The Secretary, in consultation with the Direc12
tor of National Intelligence, the Attorney General, and the
13 Secretary of Defense, shall establish—
14 (1) a process for designating appropriate Fed15
eral entities (such as 1 or more Federal cybersecu16
rity centers) and non-Federal entities as cybersecu17
rity exchanges;
18 (2) procedures to facilitate and encourage the
19 sharing of classified and unclassified cybersecurity
20 threat indicators with designated cybersecurity ex21
changes and other appropriate Federal entities and
22 non-Federal entities; and
23 (3) a process for identifying certified entities
24 authorized to receive classified cybersecurity threat
25 indicators in accordance with paragraph (2).
156
HEN12160 S.L.C.
1 (b) PURPOSE.—The purpose of a cybersecurity ex2
change is to efficiently receive and distribute cybersecurity
3 threat indicators in accordance with this title.
4 (c) REQUIREMENT FOR A LEAD FEDERAL CYBERSE5
CURITY EXCHANGE.—
6 (1) IN GENERAL.—The Secretary, in consulta7
tion with the Director of National Intelligence, the
8 Attorney General, and the Secretary of Defense,
9 shall designate a Federal entity as the lead cyberse10
curity exchange to serve as the focal point within the
11 Federal Government for cybersecurity information
12 sharing among Federal entities and with non-Fed13
eral entities.
14 (2) RESPONSIBILITIES.—The lead cybersecurity
15 exchange designated under paragraph (1) shall—
16 (A) receive and distribute cybersecurity
17 threat indicators in accordance with this title;
18 (B) facilitate information sharing, inter19
action, and collaboration among and between—
20 (i) Federal entities;
21 (ii) State, local, tribal, and territorial
22 governments;
23 (iii) private entities;
24 (iv) academia;
157
HEN12160 S.L.C.
1 (v) international partners, in consulta2
tion with the Secretary of State; and
3 (vi) other cybersecurity exchanges;
4 (C) disseminate timely and actionable cy5
bersecurity threat, vulnerability, mitigation, and
6 warning information, including alerts,
7 advisories, indicators, signatures, and mitiga8
tion and response measures, to improve the se9
curity and protection of information systems;
10 (D) coordinate with other Federal and
11 non-Federal entities, as appropriate, to inte12
grate information from Federal and non-Fed13
eral entities, including Federal cybersecurity
14 centers, non-Federal network or security oper15
ation centers, other cybersecurity exchanges,
16 and non-Federal entities that disclose cyberse17
curity threat indicators under section 704(a) to
18 provide situational awareness of the United
19 States information security posture and foster
20 information security collaboration among infor21
mation system owners and operators;
22 (E) conduct, in consultation with private
23 entities and relevant Federal and other govern24
mental entities, regular assessments of existing
25 and proposed information sharing models to
158
HEN12160 S.L.C.
1 eliminate bureaucratic obstacles to information
2 sharing and identify best practices for such in3
formation sharing; and
4 (F) coordinate with other Federal entities,
5 as appropriate, to compile and analyze informa6
tion about risks and incidents that threaten in7
formation systems, including information volun8
tarily submitted in accordance with section
9 704(a) or otherwise in accordance with applica10
ble laws.
11 (3) SCHEDULE FOR DESIGNATION.—
12 (A) INITIAL DESIGNATION.—Not later
13 than 60 days after the date of enactment of
14 this Act, the Secretary shall designate a lead
15 cybersecurity exchange under paragraph (1).
16 (B) INTERIM DESIGNATION.—The Na17
tional Cybersecurity and Communications Inte18
gration Center of the Department shall serve as
19 the interim lead cybersecurity exchange until
20 the Secretary designates a lead cybersecurity
21 exchange under paragraph (1).
22 (d) ADDITIONAL FEDERAL CYBERSECURITY EX23
CHANGES.—In accordance with the process and proce24
dures established under subsection (a), the Secretary, in
25 consultation with the Director of National Intelligence, the
159
HEN12160 S.L.C.
1 Attorney General, and the Secretary of Defense, may des2
ignate additional existing Federal entities as cybersecurity
3 exchanges, if the cybersecurity exchanges are subject to
4 the requirements for use, retention, and disclosure of in5
formation by a cybersecurity exchange under section
6 704(b) and the special requirements for Federal entities
7 under section 704(g).
8 (e) REQUIREMENTS FOR NON-FEDERAL CYBERSECU9
RITY EXCHANGES.—
10 (1) IN GENERAL.—In considering whether to
11 designate a non-Federal entity as a cybersecurity ex12
change to receive cybersecurity threat indicators
13 under section 704(a), and what entity to designate,
14 the Secretary shall consider the following factors:
15 (A) The net effect that an additional cy16
bersecurity exchange would have on the overall
17 cybersecurity of the United States.
18 (B) Whether the designation could sub19
stantially improve the overall cybersecurity of
20 the United States by serving as a hub for re21
ceiving and sharing cybersecurity threat indica22
tors, including the capacity of the non-Federal
23 entity for performing those functions.
160
HEN12160 S.L.C.
1 (C) The capacity of the non-Federal entity
2 to safeguard cybersecurity threat indicators
3 from unauthorized disclosure and use.
4 (D) The adequacy of the policies and pro5
cedures of the non-Federal entity to protect
6 personally identifiable information from unau7
thorized disclosure and use.
8 (E) The ability of the non-Federal entity
9 to sustain operations using entirely non-Federal
10 sources of funding.
11 (2) REGULATIONS.—The Secretary may pro12
mulgate regulations as may be necessary to carry
13 out this subsection.
14 (f) CONSTRUCTION WITH OTHER AUTHORITIES.—
15 Nothing in this section may be construed to alter the au16
thorities of a Federal cybersecurity center, unless such cy17
bersecurity center is acting in its capacity as a designated
18 cybersecurity exchange.
19 (g) NO NEW BUREAUCRACIES.—Nothing in this sec20
tion may be construed to authorize additional layers of
21 Federal bureaucracy for the receipt and disclosure of cy22
bersecurity threat indicators.
23 (h) REPORT ON DESIGNATION OF CYBERSECURITY
24 EXCHANGE.—Not later than 90 days after the date on
25 which the Secretary designates the initial cybersecurity ex161
HEN12160 S.L.C.
1 change under this section, the Secretary, the Director of
2 National Intelligence, the Attorney General, and the Sec3
retary of Defense shall jointly submit to Congress a writ4
ten report that—
5 (1) describes the processes established to des6
ignate cybersecurity exchanges under subsection (a);
7 (2) summarizes the policies and procedures es8
tablished under section 704(g); and
9 (3) if the Secretary has not designated any non-
10 Federal entities as a cybersecurity exchange, pro11
vides recommendations concerning the advisability of
12 designating non-Federal entities as cybersecurity ex13
changes.
14 SEC. 704. VOLUNTARY DISCLOSURE OF CYBERSECURITY
15 THREAT INDICATORS TO A CYBERSECURITY
16 EXCHANGE.
17 (a) AUTHORITY TO DISCLOSE.—Notwithstanding any
18 other provision of law, a non-Federal entity may disclose
19 lawfully obtained cybersecurity threat indicators to a cy20
bersecurity exchange.
21 (b) USE, RETENTION, AND DISCLOSURE OF INFOR22
MATION BY A CYBERSECURITY EXCHANGE.—Except as
23 provided in subsection (g), a cybersecurity exchange may
24 only use, retain, or further disclose information provided
25 under subsection (a) in order to protect information sys162
HEN12160 S.L.C.
1 tems from cybersecurity threats or mitigate cybersecurity
2 threats.
3 (c) USE AND PROTECTION OF INFORMATION RE4
CEIVED FROM A CYBERSECURITY EXCHANGE.—A non-
5 Federal entity receiving cybersecurity threat indicators
6 from a cybersecurity exchange—
7 (1) shall make reasonable efforts to safeguard
8 communications, records, system traffic, and other
9 information that can be used to identify specific per10
sons from unauthorized access or acquisition;
11 (2) shall comply with any lawful restrictions
12 placed on the disclosure or use of cybersecurity
13 threat indicators by the cybersecurity exchange or a
14 third party, if the cybersecurity exchange received
15 the information from the third party, including, if
16 requested, the removal of information that can be
17 used to identify specific persons from the indicators;
18 (3) may not use the cybersecurity threat indica19
tors to gain an unfair competitive advantage to the
20 detriment of the third party that authorized the
21 sharing; and
22 (4) may only use, retain, or further disclose the
23 cybersecurity threat indicators for the purpose of
24 protecting an information system or information
25 that is stored on, processed by, or transiting an in163
HEN12160 S.L.C.
1 formation system from cybersecurity threats or miti2
gating such threats.
3 (d) EXEMPTION FROM PUBLIC DISCLOSURE.—Any
4 cybersecurity threat indicator disclosed by a non-Federal
5 entity to a cybersecurity exchange under subsection (a)
6 shall be—
7 (1) exempt from disclosure under section
8 552(b)(3) of title 5, United States Code, or any
9 comparable State law; and
10 (2) treated as voluntarily shared information
11 under section 552 of title 5, United States Code, or
12 any comparable State law.
13 (e) EXEMPTION FROM EX PARTE LIMITATIONS.—
14 Any cybersecurity threat indicator disclosed by a non-Fed15
eral entity to a cybersecurity exchange under subsection
16 (a) shall not be subject to the rules of any governmental
17 entity or judicial doctrine regarding ex parte communica18
tions with a decision making official.
19 (f) EXEMPTION FROM WAIVER OF PRIVILEGE.—Any
20 cybersecurity threat indicator disclosed by a non-Federal
21 entity to a cybersecurity exchange under subsection (a)
22 may not be construed to be a waiver of any applicable
23 privilege or protection provided under Federal, State, trib24
al, or territorial law, including any trade secret protection.
164
HEN12160 S.L.C.
1 (g) SPECIAL REQUIREMENTS FOR FEDERAL ENTI2
TIES.—
3 (1) PERMITTED DISCLOSURES.—Notwith4
standing any other provision of law and consistent
5 with the requirements of this subsection, a Federal
6 entity that lawfully intercepts, acquires, or otherwise
7 obtains or possesses any communication, record, or
8 other information from its electronic communica9
tions system, may disclose that communication,
10 record, or other information if—
11 (A) the disclosure is made for the purpose
12 of—
13 (i) protecting the information system
14 of a Federal entity from cybersecurity
15 threats; or
16 (ii) mitigating cybersecurity threats
17 to—
18 (I) another component, officer,
19 employee, or agent of the Federal en20
tity with cybersecurity responsibilities;
21 (II) any cybersecurity exchange;
22 or
23 (III) a private entity that is act24
ing as a provider of electronic commu25
nication services, remote computing
165
HEN12160 S.L.C.
1 service, or cybersecurity services to a
2 Federal entity; and
3 (B) the recipient of the communication,
4 record, or other information agrees to comply
5 with the Federal entity’s lawful requirements
6 regarding the protection and further disclosure
7 of the information, except to the extent the re8
quirements are inconsistent with the policies
9 and procedures developed by the Secretary and
10 approved by the Attorney General under para11
graph (4).
12 (2) DISCLOSURE TO LAW ENFORCEMENT.—A
13 cybersecurity exchange that is a Federal entity may
14 disclose cybersecurity threat indicators received
15 under subsection (a) to a law enforcement entity
16 if—
17 (A) the information appears to relate to a
18 crime which has been, is being, or is about to
19 be committed; and
20 (B) the disclosure is permitted under the
21 procedures developed by the Secretary and ap22
proved by the Attorney General under para23
graph (4).
24 (3) FURTHER DISCLOSURE AND USE OF INFOR25
MATION BY A FEDERAL ENTITY.—
166
HEN12160 S.L.C.
1 (A) AUTHORITY TO RECEIVE CYBERSECU2
RITY THREAT INDICATORS.—A Federal entity
3 that is not a cybersecurity exchange may re4
ceive cybersecurity threat indicators from a cy5
bersecurity exchange under section 703, but
6 shall only use or retain the cybersecurity threat
7 indicators in a manner that is consistent with
8 this subsection in order—
9 (i) to protect information systems
10 from cybersecurity threats and to mitigate
11 cybersecurity threats; or
12 (ii) to disclose the cybersecurity threat
13 indicators to a law enforcement agency
14 under paragraph (2).
15 (B) AUTHORITY TO USE CYBERSECURITY
16 THREAT INDICATORS.—A Federal entity that is
17 not a cybersecurity exchange shall ensure, by
18 written agreement, that when disclosing cyber19
security threat indicators to a non-Federal enti20
ty under this section, the non-Federal entity
21 shall use or retain the cybersecurity threat indi22
cators in a manner that is consistent with the
23 requirements under section 702(b) on the use
24 and protection of information and paragraph
25 (2) of this subsection.
167
HEN12160 S.L.C.
1 (4) PRIVACY AND CIVIL LIBERTIES.—
2 (A) REQUIREMENT FOR POLICIES AND
3 PROCEDURES.—In consultation with privacy
4 and civil liberties experts, the Director of Na5
tional Intelligence, and the Secretary of De6
fense, the Secretary shall develop and periodi7
cally review policies and procedures governing
8 the receipt, retention, use, and disclosure of cy9
bersecurity threat indicators by a Federal entity
10 obtained in connection with activities authorized
11 under this title, which shall—
12 (i) minimize the impact on privacy
13 and civil liberties, consistent with the need
14 to protect information systems from cyber15
security threats and mitigate cybersecurity
16 threats;
17 (ii) reasonably limit the receipt, reten18
tion, use and disclosure of cybersecurity
19 threat indicators associated with specific
20 persons consistent with the need to carry
21 out the responsibilities of this title, includ22
ing establishing a process for the timely
23 destruction of cybersecurity threat indica24
tors that are received under this section
25 that do not reasonably appear to be related
168
HEN12160 S.L.C.
1 to protecting information systems from cy2
bersecurity threats and mitigating cyberse3
curity threats, unless the indicators appear
4 to relate to a crime which has been, is
5 being, or is about to be committed;
6 (iii) include requirements to safeguard
7 cybersecurity threat indicators that can be
8 used to identify specific persons from un9
authorized access or acquisition; and
10 (iv) protect the confidentiality of cy11
bersecurity threat indicators associated
12 with specific persons to the greatest extent
13 practicable and require recipients to be in14
formed that such indicators may only be
15 used for protecting information systems
16 against cybersecurity threats, mitigating
17 against cybersecurity threats, or disclosed
18 to law enforcement under paragraph (2).
19 (B) ADOPTION OF POLICIES AND PROCE20
DURES.—The head of a Federal agency respon21
sible for a Federal entity designated as a cyber22
security exchange under section 703 shall adopt
23 and comply with the policies and procedures de24
veloped under this subsection.
169
HEN12160 S.L.C.
1 (C) REVIEW BY THE ATTORNEY GEN2
ERAL.—Not later than 1 year after the date of
3 the enactment of this Act, the Attorney General
4 shall review and approve policies and proce5
dures developed under this subsection.
6 (D) PROVISION TO CONGRESS.—The poli7
cies and procedures issued under this sub8
section and any amendments to such policies
9 and procedures shall be provided to Congress.
10 (5) OVERSIGHT.—
11 (A) REQUIREMENT FOR OVERSIGHT.—The
12 Secretary and the Attorney General shall estab13
lish a mandatory program to monitor and over14
see compliance with the policies and procedures
15 issued under this subsection.
16 (B) NOTIFICATION OF THE ATTORNEY
17 GENERAL.—The head of each Federal entity
18 that receives information under this title
19 shall—
20 (i) comply with the policies and proce21
dures developed by the Secretary and ap22
proved by the Attorney General under
23 paragraph (4);
170
HEN12160 S.L.C.
1 (ii) promptly notify the Attorney Gen2
eral of significant violations of the policies
3 and procedures; and
4 (iii) provide the Attorney General with
5 any information relevant to the violation
6 that any Attorney General requires.
7 (C) ANNUAL REPORT.—On an annual
8 basis, the Chief Privacy and Civil Liberties Of9
ficer of the Department of Justice and the De10
partment of Homeland Security, in consultation
11 with the most senior privacy and civil liberties
12 officer or officers of any appropriate agencies,
13 shall jointly submit to Congress a report assess14
ing the privacy and civil liberties impact of the
15 activities of the Federal Government conducted
16 under this title.
17 (6) PRIVACY AND CIVIL LIBERTIES OVERSIGHT
18 BOARD.—Not later than 2 years after the date of
19 enactment of this Act, the Privacy and Civil Lib20
erties Oversight Board shall submit to Congress and
21 the President a report providing—
22 (A) an assessment of the privacy and civil
23 liberties impact of the activities carried out by
24 the Federal entities under this title; and
171
HEN12160 S.L.C.
1 (B) recommendations for improvements to
2 or modifications of the law to address privacy
3 and civil liberties concerns.
4 (7) SANCTIONS.—The heads of Federal entities
5 shall develop and enforce appropriate sanctions for
6 officers, employees, or agents of the Federal entities
7 who conduct activities under this title—
8 (A) outside the normal course of their
9 specified duties;
10 (B) in a manner inconsistent with the dis11
charge of the responsibilities of the Federal en12
tities; or
13 (C) in contravention of the requirements,
14 policies and procedures required under this sub15
section.
16 SEC. 705. SHARING OF CLASSIFIED CYBERSECURITY
17 THREAT INDICATORS.
18 (a) SHARING OF CLASSIFIED CYBERSECURITY
19 THREAT INDICATORS.—The procedures established under
20 section 703(a)(2) shall provide that classified cybersecu21
rity threat indicators may only be—
22 (1) shared with certified entities;
23 (2) shared in a manner that is consistent with
24 the need to protect the national security of the
25 United States;
172
HEN12160 S.L.C.
1 (3) shared with a person with an appropriate
2 security clearance to receive the cybersecurity threat
3 indicators; and
4 (4) used by a certified entity in a manner that
5 protects the cybersecurity threat indicators from un6
authorized disclosure.
7 (b) REQUIREMENT FOR GUIDELINES.—Not later
8 than 60 days after the date of enactment of this Act, the
9 Director of National Intelligence shall issue guidelines pro10
viding that appropriate Federal officials may, as the Di11
rector considers necessary to carry out this title—
12 (1) grant a security clearance on a temporary
13 or permanent basis to an employee of a certified en14
tity;
15 (2) grant a security clearance on a temporary
16 or permanent basis to a certified entity and approval
17 to use appropriate facilities; or
18 (3) expedite the security clearance process for a
19 certified entity or employee of a certified entity, if
20 appropriate, in a manner consistent with the need to
21 protect the national security of the United States.
22 (c) DISTRIBUTION OF PROCEDURES AND GUIDE23
LINES.—Following the establishment of the procedures
24 under section 703(a)(2) and the issuance of the guidelines
25 under subsection (b), the Secretary and the Director of
173
HEN12160 S.L.C.
1 National Intelligence shall expeditiously distribute the pro2
cedures and guidelines to—
3 (1) appropriate governmental entities and pri4
vate entities;
5 (2) the Committee on Armed Services, the
6 Committee on Commerce, Science, and Transpor7
tation, the Committee on Homeland Security and
8 Governmental Affairs, the Committee on the Judici9
ary, and the Select Committee on Intelligence of the
10 Senate; and
11 (3) the Committee on Armed Services, the
12 Committee on Energy and Commerce, the Com13
mittee on Homeland Security, the Committee on the
14 Judiciary, and the Permanent Select Committee on
15 Intelligence of the House of Representatives.
16 SEC. 706. LIMITATION ON LIABILITY AND GOOD FAITH DE17
FENSE FOR CYBERSECURITY ACTIVITIES.
18 (a) IN GENERAL.—No civil or criminal cause of ac19
tion shall lie or be maintained in any Federal or State
20 court against any entity, and any such action shall be dis21
missed promptly, based on—
22 (1) the cybersecurity monitoring activities au23
thorized by paragraphs (1) and (2) of section 701;
24 or
174
HEN12160 S.L.C.
1 (2) the voluntary disclosure of a lawfully ob2
tained cybersecurity threat indicator—
3 (A) to a cybersecurity exchange under sec4
tion 704(a);
5 (B) by a provider of cybersecurity services
6 to a customer of the provider;
7 (C) to a private entity or governmental en8
tity that provides or manages critical infra9
structure; or
10 (D) to any other private entity under sec11
tion 702(a), if the cybersecurity threat indicator
12 is also disclosed within a reasonable time to a
13 cybersecurity exchange.
14 (b) GOOD FAITH DEFENSE.—If a civil or criminal
15 cause of action is not barred under subsection (a), good
16 faith reliance that this title permitted the conduct com17
plained of is a complete defense against any civil or crimi18
nal action brought under this title or any other law.
19 (c) LIMITATION ON USE OF CYBERSECURITY
20 THREAT INDICATORS FOR REGULATORY ENFORCEMENT
21 ACTIONS.—No Federal entity may use a cybersecurity
22 threat indicator received under this title as evidence in a
23 regulatory enforcement action against the entity that law24
fully shared the cybersecurity threat indicator with a cy25
bersecurity exchange that is a Federal entity.
175
HEN12160 S.L.C.
1 (d) DELAY OF NOTIFICATION AUTHORIZED FOR LAW
2 ENFORCEMENT OR NATIONAL SECURITY PURPOSES.—No
3 civil or criminal cause of action shall lie or be maintained
4 in any Federal or State court against any entity, and any
5 such action shall be dismissed promptly, for a failure to
6 disclose a cybersecurity threat indicator if—
7 (1) the Attorney General determines that dis8
closure of a cybersecurity threat indicator would im9
pede a civil or criminal investigation and submits a
10 written request to delay notification for up to 30
11 days, except that the Attorney General may, by a
12 subsequent written request, revoke such delay or ex13
tend the period of time set forth in the original re14
quest made under this paragraph if further delay is
15 necessary; or
16 (2) the Secretary, the Attorney General, or the
17 Director of National Intelligence determines that
18 disclosure of a cybersecurity threat indicator would
19 threaten national or homeland security and submits
20 a written request to delay notification, except that
21 the Secretary, the Attorney General or the Director
22 of National Intelligence may, by a subsequent writ23
ten request, revoke such delay or extend the period
24 of time set forth in the original request made under
25 this paragraph if further delay is necessary.
176
HEN12160 S.L.C.
1 (e) LIMITATION ON LIABILITY FOR FAILURE TO
2 ACT.—No civil or criminal cause of action shall lie or be
3 maintained in any Federal or State court against any pri4
vate entity, or any officer, employee, or agent of such an
5 entity, and any such action shall be dismissed promptly,
6 for the reasonable failure to act on information received
7 under this title.
8 (f) LIMITATION ON PROTECTIONS.—Any person who
9 knowingly and willfully violates restrictions under this title
10 shall not receive the protections under this title.
11 (g) PRIVATE RIGHT OF ACTION.—Nothing in this
12 title may be construed to limit liability for a failure to
13 comply with the requirements of section 702(b) and sec14
tion 704(c) on the use and protection of information.
15 (h) DEFENSE FOR BREACH OF CONTRACT.—Compli16
ance with lawful restrictions placed on the disclosure or
17 use of cybersecurity threat indicators is a complete defense
18 to any tort or breach of contract claim originating in a
19 failure to disclose cybersecurity threat indicators to a third
20 party.
21 SEC. 707. CONSTRUCTION; FEDERAL PREEMPTION.
22 (a) CONSTRUCTION.—Nothing in this title may be
23 construed—
24 (1) to permit the unauthorized disclosure of—
177
HEN12160 S.L.C.
1 (A) information that has been determined
2 by the Federal Government pursuant to an Ex3
ecutive Order or statute to require protection
4 against unauthorized disclosure for reasons of
5 national defense or foreign relations;
6 (B) any restricted data (as that term is de7
fined in paragraph (y) of section 11 of the
8 Atomic Energy Act of 1954 (42 U.S.C. 2014));
9 (C) information related to intelligence
10 sources and methods; or
11 (D) information that is specifically subject
12 to a court order or a certification, directive, or
13 other authorization by the Attorney General
14 precluding such disclosure;
15 (2) to limit or prohibit otherwise lawful disclo16
sures of communications, records, or information by
17 a private entity to a cybersecurity exchange or any
18 other governmental or private entity not conducted
19 under this title;
20 (3) to limit the ability of a private entity or
21 governmental entity to receive data about the infor22
mation systems of the entity, including lawfully ob23
tained cybersecurity threat indicators;
24 (4) to authorize or prohibit any law enforce25
ment, homeland security, or intelligence activities
178
HEN12160 S.L.C.
1 not otherwise authorized or prohibited under another
2 provision of law;
3 (5) to permit price-fixing, allocating a market
4 between competitors, monopolizing or attempting to
5 monopolize a market, boycotting, or exchanges of
6 price or cost information, customer lists, or informa7
tion regarding future competitive planning; or
8 (6) to prevent a governmental entity from using
9 information not acquired through a cybersecurity ex10
change for regulatory purposes.
11 (b) FEDERAL PREEMPTION.—This title supersedes
12 any law or requirement of a State or political subdivision
13 of a State that restricts or otherwise expressly regulates
14 the provision of cybersecurity services or the acquisition,
15 interception, retention, use or disclosure of communica16
tions, records, or other information by private entities to
17 the extent such law contains requirements inconsistent
18 with this title.
19 (c) PRESERVATION OF OTHER STATE LAW.—Except
20 as expressly provided, nothing in this title shall be con21
strued to preempt the applicability of any other State law
22 or requirement.
23 (d) NO CREATION OF A RIGHT TO INFORMATION.—
24 The provision of information to a non-Federal entity
179
HEN12160 S.L.C.
1 under this title shall not create a right or benefit to similar
2 information by any other non-Federal entity.
3 (e) PROHIBITION ON REQUIREMENT TO PROVIDE IN4
FORMATION TO THE FEDERAL GOVERNMENT.—Nothing
5 in this title, except as expressly stated, may be construed
6 to permit a Federal entity—
7 (1) to require a non-Federal entity to share in8
formation with the Federal Government; or
9 (2) to condition the disclosure of unclassified or
10 classified cybersecurity threat indicators under this
11 title with a non-Federal entity on the provision of
12 cybersecurity threat information to the Federal Gov13
ernment.
14 (f) LIMITATION ON USE OF INFORMATION.—No cy15
bersecurity threat indicators obtained under this title may
16 be used, retained, or disclosed by a Federal entity or non-
17 Federal entity, except as authorized under this title.
18 (g) DECLASSIFICATION AND SHARING OF INFORMA19
TION.—Consistent with the exemptions from public disclo20
sure of section 704(d), the Director of National Intel21
ligence, in consultation with the Secretary, shall facilitate
22 the declassification and sharing of information in the pos23
session of a Federal entity that is related to cybersecurity
24 threats, as the Director of National Intelligence deter25
mines appropriate.
180
HEN12160 S.L.C.
1 (h) REPORT ON IMPLEMENTATION.—Not later than
2 2 years after the date of enactment of this Act, the Sec3
retary, the Director of National Intelligence, the Attorney
4 General, and the Secretary of Defense shall jointly submit
5 to Congress a report that—
6 (1) describes the extent to which the authorities
7 conferred by this title have enabled the Federal Gov8
ernment and the private sector to mitigate cyberse9
curity threats;
10 (2) discloses any significant acts of noncompli11
ance by a non-Federal entity with this title, with
12 special emphasis on privacy and civil liberties, and
13 any measures taken by the Federal Government to
14 uncover such noncompliance;
15 (3) describes in general terms the nature and
16 quantity of information disclosed and received by
17 governmental entities and private entities under this
18 title; and
19 (4) proposes changes to the law, including the
20 definitions, authorities and requirements under this
21 title, that are necessary to ensure the law keeps pace
22 with the threat while protecting privacy and civil lib23
erties.
24 (i) REQUIREMENT FOR ANNUAL REPORT.—On an
25 annual basis, the Director of National Intelligence shall
181
HEN12160 S.L.C.
1 provide a report to the Select Committee on Intelligence
2 of the Senate and the Permanent Select Committee on In3
telligence of the House of Representatives on the imple4
mentation of section 705. Each report under this sub5
section, which shall be submitted in an unclassified form,
6 but may include a classified annex, shall include a list of
7 private entities that receive classified cybersecurity threat
8 indicators under this title, except that the unclassified re9
port shall not contain information that may be used to
10 identify specific private entities unless such private enti11
ties consent to such identification.
12 SEC. 708. DEFINITIONS.
13 In this title:
14 (1) CERTIFIED ENTITY.—The term ‘‘certified
15 entity’’ means a protected entity, a self-protected en16
tity, or a provider of cybersecurity services that—
17 (A) possesses or is eligible to obtain a se18
curity clearance, as determined by the Director
19 of National Intelligence; and
20 (B) is able to demonstrate to the Director
21 of National Intelligence that the provider or en22
tity can appropriately protect and use classified
23 cybersecurity threat indicators.
24 (2) COUNTERMEASURE.—The term ‘‘counter25
measure’’ means automated or manual actions with
182
HEN12160 S.L.C.
1 defensive intent to modify or block data packets as2
sociated with electronic or wire communications,
3 internet traffic, program code, or other system traf4
fic transiting to or from or stored on an information
5 system for the purpose of protecting the information
6 system from cybersecurity threats, conducted on an
7 information system owned or operated by or on be8
half of the party to be protected or operated by a
9 private entity acting as a provider of electronic com10
munication services, remote computing services, or
11 cybersecurity services to the party to be protected.
12 (3) CYBERSECURITY EXCHANGE.—The term
13 ‘‘cybersecurity exchange’’ means any governmental
14 entity or private entity designated by the Secretary
15 as a cybersecurity exchange under section 703(a).
16 (4) CYBERSECURITY SERVICES.—The term ‘‘cy17
bersecurity services’’ means products, goods, or serv18
ices intended to detect, mitigate, or prevent cyberse19
curity threats.
20 (5) CYBERSECURITY THREAT.—The term ‘‘cy21
bersecurity threat’’ means any action that may re22
sult in unauthorized access to, exfiltration of, manip23
ulation of, or impairment to the integrity, confiden24
tiality, or availability of an information system or in183
HEN12160 S.L.C.
1 formation that is stored on, processed by, or
2 transiting an information system.
3 (6) CYBERSECURITY THREAT INDICATOR.—The
4 term ‘‘cybersecurity threat indicator’’ means infor5
mation—
6 (A) that may be indicative of or describe—
7 (i) malicious reconnaissance, including
8 anomalous patterns of communications
9 that reasonably appear to be transmitted
10 for the purpose of gathering technical in11
formation related to a cybersecurity threat;
12 (ii) a method of defeating a technical
13 control;
14 (iii) a technical vulnerability;
15 (iv) a method of defeating an oper16
ational control;
17 (v) a method of causing a user with
18 legitimate access to an information system
19 or information that is stored on, processed
20 by, or transiting an information system to
21 unwittingly enable the defeat of a technical
22 control or an operational control;
23 (vi) malicious cyber command and
24 control;
184
HEN12160 S.L.C.
1 (vii) the actual or potential harm
2 caused by an incident, including informa3
tion exfiltrated as a result of subverting a
4 technical control when it is necessary in
5 order to identify or describe a cybersecu6
rity threat;
7 (viii) any other attribute of a cyberse8
curity threat, if disclosure of such attribute
9 is not otherwise prohibited by law; or
10 (ix) any combination thereof; and
11 (B) from which reasonable efforts have
12 been made to remove information that can be
13 used to identify specific persons unrelated to
14 the cybersecurity threat.
15 (7) FEDERAL CYBERSECURITY CENTER.—The
16 term ‘‘Federal cybersecurity center’’ means the De17
partment of Defense Cyber Crime Center, the Intel18
ligence Community Incident Response Center, the
19 United States Cyber Command Joint Operations
20 Center, the National Cyber Investigative Joint Task
21 Force, the National Security Agency/Central Secu22
rity Service Threat Operations Center, or the United
23 States Computer Emergency Readiness Team, or
24 any successor to such a center.
185
HEN12160 S.L.C.
1 (8) FEDERAL ENTITY.—The term ‘‘Federal en2
tity’’ means a Federal agency, or any component, of3
ficer, employee, or agent of a Federal agency.
4 (9) GOVERNMENTAL ENTITY.—The term ‘‘gov5
ernmental entity’’ means any Federal entity and
6 agency or department of a State, local, tribal, or ter7
ritorial government other than an educational insti8
tution, or any component, officer, employee, or agent
9 of such an agency or department.
10 (10) INFORMATION SYSTEM.—The term ‘‘infor11
mation system’’ means a discrete set of information
12 resources organized for the collection, processing,
13 maintenance, use, sharing, dissemination, or disposi14
tion of information, including communications with,
15 or commands to, specialized systems such as indus16
trial and process control systems, telephone switch17
ing and private branch exchange, and environmental
18 control systems.
19 (11) MALICIOUS CYBERCOMMAND AND CON20
TROL.—The term ‘‘malicious cyber command and
21 control’’ means a method for remote identification
22 of, access to, or use of, an information system or in23
formation that is stored on, processed by, or
24 transiting an information system associated with a
25 known or suspected cybersecurity threat.
186
HEN12160 S.L.C.
1 (12) MALICIOUS RECONNAISSANCE.—The term
2 ‘‘malicious reconnaissance’’ means a method for ac3
tively probing or passively monitoring an information
4 system for the purpose of discerning technical
5 vulnerabilities of the information system, if such
6 method is associated with a known or suspected cy7
bersecurity threat.
8 (13) MONITOR.—The term ‘‘monitor’’ means
9 the interception, acquisition, or collection of informa10
tion that is stored on, processed by, or transiting an
11 information system for the purpose of identifying cy12
bersecurity threats.
13 (14) NON-FEDERAL ENTITY.—The term ‘‘non-
14 Federal entity’’ means a private entity or a govern15
mental entity other than a Federal entity.
16 (15) OPERATIONAL CONTROL.—The term
17 ‘‘operational control’’ means a security control for
18 an information system that primarily is implemented
19 and executed by people.
20 (16) PRIVATE ENTITY.—The term ‘‘private en21
tity’’ has the meaning given the term ‘‘person’’ in
22 section 1 of title 1, United States Code, and does
23 not include a governmental entity.
24 (17) PROTECT.—The term ‘‘protect’’ means ac25
tions undertaken to secure, defend, or reduce the
187
HEN12160 S.L.C.
1 vulnerabilities of an information system, mitigate cy2
bersecurity threats, or otherwise enhance informa3
tion security or the resiliency of information systems
4 or assets.
5 (18) PROTECTED ENTITY.—The term ‘‘pro6
tected entity’’ means an entity, other than an indi7
vidual, that contracts with a provider of cybersecu8
rity services for goods or services to be used for cy9
bersecurity purposes.
10 (19) SELF-PROTECTED ENTITY.—The term
11 ‘‘self-protected entity’’ means an entity, other than
12 an individual, that provides cybersecurity services to
13 itself.
14 (20) TECHNICAL CONTROL.—The term ‘‘tech15
nical control’’ means a hardware or software restric16
tion on, or audit of, access or use of an information
17 system or information that is stored on, processed
18 by, or transiting an information system that is in19
tended to ensure the confidentiality, integrity, or
20 availability of that system.
21 (21) TECHNICAL VULNERABILITY.—The term
22 ‘‘technical vulnerability’’ means any attribute of
23 hardware or software that could enable or facilitate
24 the defeat of a technical control.
188
HEN12160 S.L.C.
1 (22) THIRD PARTY.—The term ‘‘third party’’
2 includes Federal entities and non-Federal entities.
3 TITLE VIII—PUBLIC AWARENESS
4 REPORTS
5 SEC. 801. FINDINGS.
6 Congress finds the following:
7 (1) Information technology is central to the ef8
fectiveness, efficiency, and reliability of the industry
9 and commercial services, Armed Forces and national
10 security systems, and the critical infrastructure of
11 the United States.
12 (2) Cyber criminals, terrorists, and agents of
13 foreign powers have taken advantage of the
14 connectivity of the United States to inflict substan15
tial damage to the economic and national security
16 interests of the Nation.
17 (3) The cybersecurity threat is sophisticated,
18 relentless, and massive, exposing all consumers in
19 the United States to the risk of substantial harm.
20 (4) Businesses in the United States are bearing
21 enormous losses as a result of criminal cyber at22
tacks, depriving businesses of hard-earned profits
23 that could be reinvested in further job-producing in24
novation.
189
HEN12160 S.L.C.
1 (5) Hackers continuously probe the networks of
2 Federal and State agencies, the Armed Forces, and
3 the commercial industrial base of the Armed Forces,
4 and already have caused substantial damage and
5 compromised sensitive and classified information.
6 (6) Severe cybersecurity threats will continue,
7 and will likely grow, as the economy of the United
8 States grows more connected, criminals become in9
creasingly sophisticated in efforts to steal from con10
sumers, industries, and businesses in the United
11 States, and terrorists and foreign nations continue
12 to use cyberspace as a means of attack against the
13 national and economic security of the United States.
14 (7) Public awareness of cybersecurity threats is
15 essential to cybersecurity defense. Only a well-in16
formed public and Congress can make the decisions
17 necessary to protect consumers, industries, and the
18 national and economic security of the United States.
19 (8) As of 2012, the level of public awareness of
20 cybersecurity threats is unacceptably low. Only a
21 tiny portion of relevant cybersecurity information is
22 released to the public. Information about attacks on
23 Federal Government systems is usually classified.
24 Information about attacks on private systems is or25
dinarily kept confidential. Sufficient mechanisms do
190
HEN12160 S.L.C.
1 not exist to provide meaningful threat reports to the
2 public in unclassified and anonymized form.
3 SEC. 802. REPORT ON CYBER INCIDENTS AGAINST GOVERN4
MENT NETWORKS.
5 (a) DEPARTMENT OF HOMELAND SECURITY.—Not
6 later than 180 days after the date of enactment of this
7 Act, and annually thereafter, the Secretary shall submit
8 to Congress a report that—
9 (1) summarizes major cyber incidents involving
10 networks of Executive agencies (as defined in section
11 105 of title 5, United States Code), except for the
12 Department of Defense;
13 (2) provides aggregate statistics on the number
14 of breaches of networks of Executive agencies, the
15 volume of data exfiltrated, and the estimated cost of
16 remedying the breaches; and
17 (3) discusses the risk of cyber sabotage.
18 (b) DEPARTMENT OF DEFENSE.—Not later than 180
19 days after the date of enactment of this Act, and annually
20 thereafter, the Secretary of Defense shall submit to Con21
gress a report that—
22 (1) summarizes major cyber incidents against
23 networks of the Department of Defense and the
24 military departments;
191
HEN12160 S.L.C.
1 (2) provides aggregate statistics on the number
2 of breaches against networks of the Department of
3 Defense and the military departments, the volume of
4 data exfiltrated, and the estimated cost of remedying
5 the breaches; and
6 (3) discusses the risk of cyber sabotage.
7 (c) FORM OF REPORTS.—Each report submitted
8 under this section shall be in unclassified form, but may
9 include a classified annex as necessary to protect sources,
10 methods, and national security.
11 SEC. 803. REPORTS ON PROSECUTION FOR CYBERCRIME.
12 (a) IN GENERAL.—Not later than 180 days after the
13 date of enactment of this Act, the Attorney General and
14 the Director of the Federal Bureau of Investigation shall
15 submit to Congress reports—
16 (1) describing investigations and prosecutions
17 by the Department of Justice relating to cyber in18
trusions or other cybercrimes the preceding year, in19
cluding—
20 (A) the number of investigations initiated
21 relating to such crimes;
22 (B) the number of arrests relating to such
23 crimes;
24 (C) the number and description of in25
stances in which investigations or prosecutions
192
HEN12160 S.L.C.
1 relating to such crimes have been delayed or
2 prevented because of an inability to extradite a
3 criminal defendant in a timely manner; and
4 (D) the number of prosecutions for such
5 crimes, including—
6 (i) the number of defendants pros7
ecuted;
8 (ii) whether the prosecutions resulted
9 in a conviction;
10 (iii) the sentence imposed and the
11 statutory maximum for each such crime
12 for which a defendant was convicted; and
13 (iv) the average sentence imposed for
14 a conviction of such crimes;
15 (2) identifying the number of employees, finan16
cial resources, and other resources (such as tech17
nology and training) devoted to the enforcement, in18
vestigation, and prosecution of cyber intrusions or
19 other cybercrimes, including the number of inves20
tigators, prosecutors, and forensic specialists dedi21
cated to investigating and prosecuting cyber intru22
sions or other cybercrimes; and
23 (3) discussing any impediments under the laws
24 of the United States or international law to prosecu25
tions for cyber intrusions or other cybercrimes.
193
HEN12160 S.L.C.
1 (b) UPDATES.—The Attorney General and the Direc2
tor of the Federal Bureau of Investigation shall annually
3 submit to Congress reports updating the reports sub4
mitted under subsection (a) at the same time the Attorney
5 General and Director submit annual reports under section
6 404 of the Prioritizing Resources and Organization for In7
tellectual Property Act of 2008 (42 U.S.C. 3713d).
8 SEC. 804. REPORT ON RESEARCH RELATING TO SECURE
9 DOMAIN.
10 (a) IN GENERAL.—The Secretary shall enter into a
11 contract with the National Research Council, or another
12 federally funded research and development corporation,
13 under which the Council or corporation shall submit to
14 Congress reports on available technical options, consistent
15 with constitutional and statutory privacy rights, for en16
hancing the security of the information networks of enti17
ties that own or manage critical infrastructure through—
18 (1) technical improvements, including devel19
oping a secure domain; or
20 (2) increased notice of and consent to the use
21 of technologies to scan for, detect, and defeat cyber
22 security threats, such as technologies used in a se23
cure domain.
194
HEN12160 S.L.C.
1 (b) TIMING.—The contract entered into under sub2
section (a) shall require that the report described in sub3
section (a) be submitted—
4 (1) not later than 180 days after the date of
5 enactment of this Act;
6 (2) annually, after the first report submitted
7 under subsection (a), for 3 years; and
8 (3) more frequently, as determined appropriate
9 by the Secretary in response to new risks or tech10
nologies that emerge.
11 SEC. 805. REPORT ON PREPAREDNESS OF FEDERAL
12 COURTS TO PROMOTE CYBERSECURITY.
13 Not later than 180 days after the date of enactment
14 of this Act, the Attorney General, in coordination with the
15 Administrative Office of the United States Courts, shall
16 submit to Congress a report—
17 (1) on whether Federal courts have granted
18 timely relief in matters relating to botnets and other
19 cybercrime and cyber security threats; and
20 (2) that includes, as appropriate, recommenda21
tions on changes or improvements to—
22 (A) the Federal Rules of Civil Procedure
23 or the Federal Rules of Criminal Procedure;
24 (B) the training and other resources avail25
able to support the Federal judiciary;
195
HEN12160 S.L.C.
1 (C) the capabilities and specialization of
2 courts to which such cases may be assigned;
3 and
4 (D) Federal civil and criminal laws.
5 SEC. 806. REPORT ON IMPEDIMENTS TO PUBLIC AWARE6
NESS.
7 Not later than 180 days after the date of enactment
8 of this Act, and annually thereafter for 3 years (or more
9 frequently if determined appropriate by the Secretary) the
10 Secretary shall submit to Congress a report on—
11 (1) legal or other impediments to appropriate
12 public awareness of—
13 (A) the nature of, methods of propagation
14 of, and damage caused by common cyber secu15
rity threats such as computer viruses, phishing
16 techniques, and malware;
17 (B) the minimal standards of computer se18
curity necessary for responsible Internet use;
19 and
20 (C) the availability of commercial off the
21 shelf technology that allows consumers to meet
22 such levels of computer security;
23 (2) a summary of the plans of the Secretary to
24 enhance public awareness of common cyber security
25 threats, including a description of the metrics used
196
HEN12160 S.L.C.
1 by the Department for evaluating the efficacy of
2 public awareness campaigns; and
3 (3) recommendations for congressional actions
4 to address these impediments to appropriate public
5 awareness of common cyber security threats.
6 SEC. 807. REPORT ON PROTECTING THE ELECTRICAL GRID
7 OF THE UNITED STATES.
8 Not later than 180 days after the date of enactment
9 of this Act, the Secretary, in consultation with the Sec10
retary of Defense and the Director of National Intel11
ligence, shall submit to Congress a report on—
12 (1) the threat of a cyber attack disrupting the
13 electrical grid of the United States;
14 (2) the implications for the national security of
15 the United States if the electrical grid is disrupted;
16 (3) the options available to the United States
17 and private sector entities to quickly reconstitute
18 electrical service to provide for the national security
19 of the United States, and, within a reasonable time
20 frame, the reconstitution of all electrical service
21 within the United States; and
22 (4) a plan to prevent disruption of the electric
23 grid of the United States caused by a cyber attack.
197
HEN12160 S.L.C.
1 TITLE IX—INTERNATIONAL
2 COOPERATION
3 SEC. 901. DEFINITIONS.
4 In this title:
5 (1) COMPUTER SYSTEM; COMPUTER DATA.—
6 The terms ‘‘computer system’’ and ‘‘computer data’’
7 have the meanings given those terms in chapter I of
8 the Convention on Cybercrime.
9 (2) CONVENTION ON CYBERCRIME.—The term
10 ‘‘Convention on Cybercrime’’ means the Council of
11 Europe’s Convention on Cybercrime, done at Buda12
pest November 23, 2001 as ratified by the United
13 States Senate on August 3, 2006 (Treaty 108–11)
14 with any relevant reservations of declarations.
15 (3) CYBER ISSUES.—The term ‘‘cyber issues’’
16 means the full range of international policies de17
signed to ensure an open, interoperable, secure, and
18 reliable global information and communications in19
frastructure.
20 (4) CYBERCRIME.—The term ‘‘cybercrime’’ re21
fers to criminal offenses relating to computer sys22
tems of computer data described in the Convention
23 of Cybercrime.
24 (5) RELEVANT FEDERAL AGENCIES.—The term
25 ‘‘relevant Federal agencies’’ means any Federal
198
HEN12160 S.L.C.
1 agency that has responsibility for combating
2 cybercrime globally, including the Department of
3 Commerce, the Department of Homeland Security,
4 the Department of Justice, the Department of State,
5 the Department of the Treasury, and the Office of
6 the United States Trade Representative.
7 SEC. 902. FINDINGS.
8 Congress finds the following:
9 (1) On February 2, 2010, Admiral Dennis C.
10 Blair, the Director of National Intelligence, testified
11 before the Select Committee on Intelligence of the
12 Senate regarding the Annual Threat Assessment of
13 the U.S. Intelligence Community, stating ‘‘The na14
tional security of the United States, our economic
15 prosperity, and the daily functioning of our govern16
ment are dependent on a dynamic public and private
17 information infrastructure, which includes tele-com18
munications, computer networks and systems, and
19 the information residing within. This critical infra20
structure is severely threatened. . . . We cannot pro21
tect cyberspace without a coordinated and collabo22
rative effort that incorporates both the US private
23 sector and our international partners.’’
24 (2) In a January 2010 speech on Internet free25
dom, Secretary of State Hillary Clinton stated:
199
HEN12160 S.L.C.
1 ‘‘Those who disrupt the free flow of information in
2 our society, or any other, pose a threat to our econ3
omy, our government, and our civil society. Coun4
tries or individuals that engage in cyber attacks
5 should face consequences and international con6
demnation. In an Internet-connected world, an at7
tack on one nation’s networks can be an attack on
8 all. And by reinforcing that message, we can create
9 norms of behavior among states and encourage re10
spect for the global networked commons.’’
11 (3) November 2011 marked the tenth anniver12
sary of the Convention on Cybercrime, the only mul13
tilateral agreement on cybercrime, to which the Sen14
ate provided advice and consent on August 3, 2006,
15 and is currently ratified by over 30 countries.
16 (4) The May 2009 White House Cyberspace
17 Policy Review asserts ‘‘[t]he Nation also needs a
18 strategy for cybersecurity designed to shape the
19 international environment and bring like-minded na20
tions together on a host of issues, such as technical
21 standards and acceptable legal norms regarding ter22
ritorial jurisdiction, sovereign responsibility, and use
23 of force. International norms are critical to estab24
lishing a secure and thriving digital infrastructure.’’
200
HEN12160 S.L.C.
1 SEC. 903. SENSE OF CONGRESS.
2 It is the sense of Congress that—
3 (1) engagement with other countries to advance
4 the cyberspace objectives of the United States should
5 be an integral part of the conduct of United States
6 foreign relations and diplomacy;
7 (2) the cyberspace objectives of the United
8 States include the full range of cyber issues, includ9
ing issues related to governance, standards, cyberse10
curity, cybercrime, international security, human
11 rights, and the free flow of information;
12 (3) it is in the interest of the United States to
13 work with other countries to build consensus on
14 principles and standards of conduct that protect
15 computer systems and users that rely on them, pre16
vent and punish acts of cybercrime, and promote the
17 free flow of information;
18 (4) a comprehensive national cyberspace strat19
egy must include tools for addressing threats to
20 computer systems and acts of cybercrime from
21 sources and by persons outside the United States;
22 (5) developing effective solutions to inter23
national cyberspace threats requires engagement
24 with foreign countries on a bilateral basis and
25 through relevant regional and multilateral fora;
201
HEN12160 S.L.C.
1 (6) it is in the interest of the United States to
2 encourage the development of effective frameworks
3 for international cooperation to combat cyberthreats,
4 and the development of foreign government capabili5
ties to combat cyberthreats; and
6 (7) the Secretary of State, in consultation with
7 other relevant Federal agencies, should develop and
8 lead Federal Government efforts to engage with
9 other countries to advance the cyberspace objectives
10 of the United States, including efforts to bolster an
11 international framework of cyber norms, governance
12 and deterrence.
13 SEC. 904. COORDINATION OF INTERNATIONAL CYBER
14 ISSUES WITHIN THE UNITED STATES GOV15
ERNMENT.
16 The Secretary of State is authorized to designate a
17 senior level official at the Department of State, to carry
18 out the Secretary’s responsibilities to—
19 (1) coordinate the United States global diplo20
matic engagement on the full range of international
21 cyber issues, including building multilateral coopera22
tion and developing international norms, common
23 policies, and responses to secure the integrity of
24 cyberspace;
202
HEN12160 S.L.C.
1 (2) provide strategic direction and coordination
2 for United States Government policy and programs
3 aimed at addressing and responding to cyber issues
4 overseas, especially in relation to issues that affect
5 United States foreign policy and related national se6
curity concerns;
7 (3) coordinate with relevant Federal agencies,
8 including the Department, the Department of De9
fense, the Department of the Treasury, the Depart10
ment of Justice, the Department of Commerce, and
11 the intelligence community to develop interagency
12 plans regarding international cyberspace, cybersecu13
rity, and cybercrime issues; and
14 (4) ensure that cyber issues, including cyberse15
curity and cybercrime, are included in the respon16
sibilities of overseas Embassies and consulates of the
17 United States, as appropriate.
18 SEC. 905. CONSIDERATION OF CYBERCRIME IN FOREIGN
19 POLICY AND FOREIGN ASSISTANCE PRO20
GRAMS.
21 (a) BRIEFING.—
22 (1) IN GENERAL.—Not later than 1 year after
23 the date of enactment of this Act, the Secretary of
24 State, after consultation with the heads of the rel203
HEN12160 S.L.C.
1 evant Federal agencies, shall provide a comprehen2
sive briefing to relevant congressional committees—
3 (A) assessing global issues, trends, and ac4
tors considered to be significant with respect to
5 cybercrime;
6 (B) assessing, after consultation with pri7
vate industry groups, civil society organizations,
8 and other relevant domestic or multilateral or9
ganizations, which shall be selected by the
10 President based on an interest in combating
11 cybercrime, means of enhancing multilateral or
12 bilateral efforts in areas of significance—
13 (i) to prevent and investigate
14 cybercrime;
15 (ii) to develop and share best prac16
tices with respect to directly or indirectly
17 combating cybercrime; and
18 (iii) to cooperate and take action with
19 respect to the prevention, investigation,
20 and prosecution of cybercrime; and
21 (C) describing the steps taken by the
22 United States to promote the multilateral or bi23
lateral efforts described in subparagraph (B).
24 (2) CONTRIBUTIONS FROM RELEVANT FEDERAL
25 AGENCIES.—Not later than 30 days before the date
204
HEN12160 S.L.C.
1 on which the briefing is to be provided under para2
graph (1), the head of each relevant Federal agency
3 shall consult with and provide to the Secretary of
4 State relevant information appropriate for the brief5
ing.
6 (b) PERIODIC UPDATES.—The Secretary of State
7 shall provide updated information highlighting significant
8 developments relating to the issues described in subsection
9 (a), through periodic briefings to Congress.
10 (c) USE OF FOREIGN ASSISTANCE PROGRAMS.—
11 (1) FOREIGN ASSISTANCE PROGRAMS TO COM12
BAT CYBERCRIME.—The Secretary of State is au13
thorized to accord priority in foreign assistance to
14 programs designed to combat cybercrime in a region
15 or program of significance in order to better combat
16 cybercrime by, among other things, improving the
17 effectiveness and capacity of the legal and judicial
18 systems and the capabilities of law enforcement
19 agencies with respect to cybercrime.
20 (2) SENSE OF THE CONGRESS WITH RESPECT
21 TO BILATERAL AND MULTILATERAL ASSISTANCE.—
22 It is the sense of Congress that the Secretary of
23 State should include programs designed to combat
24 cybercrime in relevant bilateral or multilateral as205
HEN12160 S.L.C.
1 sistance programs administered or supported by the
2 United States Government.

NSA Overview of Cloud Computing

2012-02-25T14:28:00.001-08:00

see url:

http://cryptome.org/2012/01/nsa-cloud.pdf

----------------------------------------------------------------

Time to Bomb Israel's Terrorist Nuclear Weapons Facilities

2012-02-01T16:36:00.000-08:00

Time to Bomb Israel's Terrorist Nuclear Weapons Facilities
-----------------------------------------------------------

It is time to BOMB the state of Israel's TERRORIST nuclear weapons production and force projection nuclear facilities. The nation of Israel is a tyrannical/murderous/genocidal nation and if she is not stopped immediately, this tiny nation will plunge the entire world into a nuclear world war that, by some estimates, could destroy up to one half of the human race.

The financial, military and political force behind this little nation in the Middle East is the International Jewish House of Rothschild, headquartered in the CITY of London, United Kingdom- THE source of ALL evil on Earth today.

The US military is funded, owned and run by these Jewish Rothschild Terrorists and is the main supplier of arms and weapons to the jewish state.

Israel currently wields up to 10,000 nuclear weapons, most of them neutron bombs.
The USA has tens of thousands of thermonuclear weapons on hair trigger alert. Both the US Pentagon and the Israeli military are nothing but arms of the Jewish House of Rothschild and are being used as servants in their insidious 'global eugenics' depopulation plans to eliminate billions of men, women and children in a future genocidal global nuclear war.

To preserve, protect and defend all life on earth, it is time to engage the terrorist
JEW by FORCE and eliminate these diabolically insane terrorist filth from off the face of this planet for all time.

JTP
Messenger of the Covenant
Planet Earth

2012: Transformation or Annihilation

2012-01-21T13:04:00.000-08:00

2012: Year of Transformation or Annihilation
----------------------------------------------------------------------------------------------------------------------------------------------
"I have sworn upon the altar of God, eternal hostility against every form of tyranny over the Mind of Man"
-- Thomas Jefferson

"Our global civilization today is also on an economic path that is environmentally unsustainable, a path that is leading us toward economic
decline and collapse. Environmental scientists have been saying for sometime that the global economy is being slowly undermined by the trends
of environmental destruction and disruption, including shrinking forests, expanding deserts, falling water tables, eroding soils, collapsing
fisheries, rising temperatures, melting ice, rising seas and increasingly destructive storms"
-- Lester Brown, Earth Policy Institute

--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

By all accounts, the year 2012 is the pivotal year that will decide whether humanity, as a whole, collectively chooses between the innovative ingenuity of
planetary transformation or the degenerative descent into planetary annihilation.

Clearly, there are 2 paths before us in 2012. These are the paths of planetary transformation or annihilation. The choice is to continue to fund and construct
a right wing global fascist military spy and surveillance police state war machine in service to the dark side of the human psyche, OR, it is a conscious
decision and effort to build a global green sustainable world civilization in service to the light side of personal and planetary survival. In essence, this
is a colossal struggle between the forces of life and death.

Currently, trillions of dollars, yen, euros, yuan etc are being wasted on the global military industrial intelligence security complex. Although fundamental support
for building and constructing a global green society is in the pipeline, it has not received the funding, mandate and directive needed to bring it swiftly
online in today's rapidly imploding world economy.

At issue here are the international jewish/zionist Rothschild Bankers decision to employ every conceivable means of defense against the rising
masses of humanity who are exposing and challenging their wealth, power and political authority on Earth. There is also a degenerative global eugenics policy
in operation, employing nuclear, chemical and biological warfare, purposely induced/genetically modified famine and pestilence and rampant
global environmental destruction to cull the masses of humanity- which is now in overshoot at 7 billion people.

On the flip side, great strides are being made in the areas of solar cell manufacturing and installation in homes and businesses all over the world.
Wind power generation is growing exponentially. The cultivation and consumption of organically grown food and produce is rapidly growing in the developed
world. Electric cars are starting to make their debut on many streets and highways. People are purifying their water, seeking alternative health
venues, riding bicycles, challenging corporate power and trying to live healthier, more meaningful and fulfilling lives.

Although a less carbon intensive, alternative, green lifestyle has not caught on as fast as it should have by now, the foundational pillars are in place and growing robustly.
It is now a battle of time to see if continuous, overconsumptive, decadent, gas-guzzling lifestyles prevail over the rapidly rising green living paradigm in human and natural affairs.
2012 is the year where this battle for transformation or annihilation will be won or lost.

We stand at the very precipice of human destiny. Nuclear, chemical and biological war has the potential to annihilate nearly all life on Earth. Solar, wind and
anti-gravity energy has the potential to permanently end the threat of global climate change. Global climate change is the "mother" of all global eugenics operations that, if left unchecked,
will wipe out billions of people in the immediate years and decades ahead if it is not stopped and quickly reversed.

We can live under the tyranny of a global biometric identification police state control grid funded and run by the global military industrial intelligence security complex or we
can install solar panels, grow and purchase organic produce, work to protect our environment, fund our schools, provide free health care
to all our citizens, institute a 1 child per family policy and drive around in electric cars. Do we want to live in fear or do we want to live as free humanity?
The choice is between sustainability or a prison/police state economy. That choice will be made and "locked in" by the end of the year 2012.

Human consciousness is the true battlefield here, for it is only through a change in human consciousness that the world will be transformed. Once critical mass
on the light side of personal and planetary transformation is achieved, it will spread like wildfire and overcome the dark forces of death and destruction being built up
all around us like a prison. The 100th monkey phenomenon will ensure that the consciousness, spirit and authority of life gains ascendancy over the dark
war lords of degeneration, death and despotism.

2012 is the year where we hard wire transformation or annihilation consciousness, technology and development into the human matrix of human evolution.
We will make the quantum leap into a life based hyperspace society or we will descend into the pit of planetary warfare and global depopulation eugenics genocide.

To state it more succinctly, 2012 is global solstice year, where the forces of good and evil stand in perpetual balance on Earth. Whether we enter winter or summer
by the end of this year will depend on our collective decision as a species to live free or die. Let us therefore choose life so that we and our descendants may live.
Let us, therefore, tip the balance in favor of human ingenuity and global survival...

Inshallah,

Stev Kona Jona
Hana, Maui
Hawaii
USA

Alive and Kickin:
http://www.youtube.com/watch?v=TqpBB2uhRSM&noredirect=1

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

1. 7 Signs of the Apocalypse:
http://www.youtube.com/watch?v=9AfoNWXxHEA

2. HOME: We All Have a Date with the Planet:
http://www.youtube.com/watch?v=jqxENMKaeCU&feature=BFa&list=PLE02FA2E098DAFE24&lf=results_video

3. Surfing the World's Biggest Wave:
http://www.youtube.com/watch?v=7nS_aR8XX_U&feature=related

4. Ethos the Movie:
http://www.youtube.com/watch?v=umcukJzssj8

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Israeli Terrorism In Iran- Warning to Israel

2012-01-12T14:51:00.001-08:00

Nation of Israel: 12.January.2012

I would highly suggest that your MOSSAD stop blowing up iranian scientists and iranian military facilities.
The Rothschild empire is making some very critical mistakes here which is leading the world
into a global thermonuclear world war.

Iran has the right to defend herself from Israeli nuclear weapons- of which you
have at least 10,000, most of them neutron bombs- and subsequent jewish terrorist ambitions in the region.

You're only in the process of hanging yourselves as a people and as a nation if you continue down this suicidal path.

Its way past time to make peace with your arab/islamic neighbors and end the war games or you're going to destroy yourselves
and the beautiful planet on which we live.

here is the ONLY solution to peace in the middle east:

http://lightspeed2017.20m.com

You have until the end of the year to implement the SIGN. After 2012, all bets are off and this civilization
descends into the abyss of its own creation.

You have been WARNED.

Doomsday Clock ticks closer to midnight

2012-01-10T14:05:00.000-08:00

Doomsday Clock ticks closer to midnight
By Jason Ukman

The mushroom cloud of the first test of a hydrogen bomb, “Ivy Mike,” as photographed on Enewetak, an atoll in the Pacific Ocean, in 1952. (U.S. Air Force via Reuters) By at least one measure, the world just got that much closer to apocalypse.

The Doomsday Clock, a figurative timepiece used as a barometer of humankind’s fate, was moved one minute closer to midnight on Tuesday, the first time it has been nudged forward since 2007. It is now 11:55, five minutes before the appointed hour.

The re-setting of the clock has become something of a gimmick in recent years, carried out by the Bulletin of the Atomic Scientists, a group established to raise awareness about the perils of nuclear weaponry, and aimed at warning the public about various catastrophic dangers.

But the process involved in deciding the time is a deeply serious one, overseen by a venerable board of scientists, Nobel laureates and others and concluded with a symposium in Washington. The setting of the clock is no longer based only on the proliferation of nuclear arms, but also on threats such as climate change and biological weaponry.

In moving the clock ahead on Tuesday, the BAS cited the failure of world leaders to achieve significant progress on the reduction of nuclear weapons and in developing a comprehensive response to climate change. Just two years ago, following global talks on climate change in Copenhagen and international pledges to reduce nuclear stockpiles, the BAS moved the clock backward by a minute.
Robert Socolow, a professor at Princeton University and a member of the Bulletin of the Atomic Scientists, during an event announcing a reset of the Doomsday Clock. (Saul Loeb — Getty Images)

“Faced with clear and present dangers of nuclear proliferation and climate change, and the need to find sustainable and safe sources of energy, world leads are failing to change business as usual,” said Lawrence Krauss, co-chairman of the group’s board of sponsors.

“As we see it,” Krauss said, “the major challenge at the heart of humanity’s survival in the 21st century is how to meet energy needs for economic growth in developing and industrial countries without further damaging the climate ... and without risking further spread of nuclear weapons — and in fact setting the stage for global reductions.”

Since being unveiled in 1947, the clock has been reset 20 times. It came closest to doomsday in 1953, when the start of the nuclear arms race pushed its hand to two minutes to midnight, and moved the farthest away in 1991, when the signing of the Strategic Arms Reduction Treaty (START) by the United States and the Soviet Union gave the world 17 minutes until midnight.

Despite the passage of various nonproliferation treaties, including the New START treaty under the Obama administration, the United States and Russia remain the chief reasons for concern when it comes to nuclear weaponry, according to Kennette Benedict, the BAS’s executive director. The United States and other major powers have not yet ratified the Comprehensive Test Ban Treaty. There has also been little progress on a treaty that would prohibit further production of fissile material for nuclear weapons.

“Overall, there’s just really no new thinking,” Benedict said.

BAS said not all news was bad over the past year. The group’s members say they were heartened by the Arab Spring, the Occupy movements and political protest in Russia.

Those developments, said Benedict, “indicated that people are waking up, and want to have a say in their future.”

USPS Plunges World into Level 5 HELL status

2011-12-31T11:57:00.001-08:00

USPS is an evil US government institution.

The US Postal System is engaged in ILLEGAL theft of mail and mail contents.
This fascist police state institution willfully and maliciously violates citizens 4th amendment right to be free
from ILLEGAL government searches and seizures.

USPS regularily liasons with the Jewish funded and controlled "Facsist/Nazi" US Dept of Homeland Security and its various agencies and is now actively engaging
in stealing personal property from mail packages openly and with no remorse in broad daylight.

They have recently stolen the contents of a package i have sent for refusing to put
a return address on the package. USPS thinks they have the right to ILLEGALLY open all mail now (which they DO NOT). As well, they are engaged in actively and ILLEGALLY opening Media
mail searching and seizing its contents.

All of these practices and
policies are supreme violations of citizens' rights to personal privacy.
USPS is now also actively restricting citizens' ability to receive 'general delivery' mail by putting a time limit on how long a citizen can receive mail at a post office.

ALL of these practices are ILLEGAL and a supreme violation of the right to be free from government intrusion and restriction.

Therefore, because of the recent CRIME they have committed against me, along with many other CRIMES they have committed against me in the past, the world is now
escalated to LEVEL 5 Hell status for these Nazi police state filth and their fascist Homeland Security minions.

Come Judgment Day, they will ALL be held accountable and punished for the CRIMES they have ungodly committed. All is recorded in the books on High. There shall be NO ESCAPE for these fascist police state swine.

A fate 'worse than death' awaits them all...

Jonas the Prophet
California
http://jonah.50megs.com

--------------------------------------------------------------------------------------------

Target: Rothschild Jewry HQ: Britain gets Slammed with Ice Age.

2011-12-19T15:33:00.000-08:00

Britain Slammed with Ice Age
Get ready for ‘worst winter in 200 years’
December 2011
-----------------------------------------------------------------------------------------------------

shaw says we are likely to see a white Christmas
We're heading for the coldest winter since the early 1800s, according to a pensioner with an uncanny knack for predicting the weather.
Harry Kershaw, 85, correctly predicted the huge snowfalls and freezing temperatures that crippled the country last December and January.
Now the amateur forecaster, from Sale, says the coming weeks could see Britain gripped by a ‘mini Ice-Age’ last encountered 200 years ago.
Harry, who began his hobby as a merchant seaman, uses a system developed by the German army during the Second World War known as ‘similarity forecasting’.
He matches conditions with those of previous years and then predicts the future weather will follow a similar pattern – often with great accuracy.
In early 2007, his predictions of a miserable summer were at odds with official forecasts, but he was right. He also warned of wet weather in 2009 when the Met Office told the nation to prepare for a ‘barbecue summer’.
He has already predicted that this winter could be as cold as that of 1812-13 – when daytime temperatures reached no more than -9C and Napoleon was forced to retreat from Moscow during his attempt to seize the Russian capital.
Harry says the bitterly cold gusts that have blown into Greater Manchester from the Lancashire coast could signal that his winter forecast is accurate.
He said: "The higher the wind speed off Blackpool between the December 2 and 16, the colder the winter. The lower the wind speed, the milder the winter. This isn’t a meteorological rule, but I’ve observed it since 1962 and it seems to be very reliable. It looks as if we could be set for a white Christmas with cold easterly winds direct from Russia."
Harry says Europe could be in the middle of a ‘mini ice-age’ similar to the one in the four years from 1812 to 1815.
The number of spots on the sun, thought to affect the weather, has been the same in the last two years as in 1812 and 1813. And North Pole barometer readings in August suggested Europe will experience a repeat of last winter, Harry said.
He added: "It looks like we could be on the same weather cycle that occurred before Napoleon’s retreat."
Blackpool was battered by winds of up to 55mph this week.
The Met Office is warning that more winter storms could batter the region in the coming days as a chain of low pressure systems cross the Atlantic.
Met Office spokesman Dan Williams said: "We’re advising people to say up to date with the latest forecast and weather warnings because conditions are changing very quickly."

Bill McKibben- Saving the Planet from the Bottom Up

2011-10-17T16:33:00.000-07:00

see url:

http://www.commondreams.org/video/2011/10/17-0

Bill McKibben: Saving the Planet from the Bottom Up!
Bill McKibben is an author, environmentalist, and activist who wrote the first popular book about global warming. He is the co-founder of 350.org, an international organisation which, on 10/10/10, organized a day of climate solutions projects-from solar panel installations to community garden plantings-and changed communities from the bottom up with over 7,000 events in 188 countries.

Survivalists Are Potential Terrorists

2011-09-19T14:01:00.000-07:00

Survivalists Such As The Tea Party, Glen Beck, Sarah Palin And Ron Paul Are Potential Terrorists
Posted by Alex Thomas - August 30, 2010 at 2:14 pm - Permalink - Source via theintelhub.com

Obama’s Justice Department Now Says that Constitutionalists, Anti New World Order Activists, and Survivalists such as the Tea Party, Glenn Beck, Sarah Palin, Rush Limbaugh, Sean Hannity, Ron Paul, and Rand Paul are all “potential terrorists”. They better watch out or they may end up on Obama’s CIA Assassination List. Before we know it Fox News will be labeled as a terrorist organization and it will be illegal to do business with them. I am sure sites like The Intel Hub, Rense, What Really Happened, God Like Productions and Above Top Secret will be targeted as terrorists breeding grounds as well.

--------------------------------------------------------------------------------

The Intel Hub

By Alex Thomas

The Justice Department is specifically attacking people who use their 1st amendment right to fight tyranny. This is absolutely disgusting. Is this Nazi America? I am an extremist for listening to the Bilderbergs stated goals and not accepting them?

If I am labeled an extremist for being against such horrible things as vaccines that kill children, world government, and the implementation of a total police state control grid, than i am proud of that label. The elite can demonize us as much as they please, it doesn’t change the fact that we have their owns words and documents, which CLEARLY shows their plans for a one world government.

The authors of this document deserve about as much respect as a piece of trash on the ground.

In times like this it is even more important to preach non violence. We are not extremists, we stand for freedom and liberty, the very principles that this country were founded upon.

--------------------------------------------------------------------------------

Obama’s Department of Justice Puts Out Master Patriot Hit-list

Kurt Nimmo

Infowars.com

The Department of Justice has fired a salvo in the war against patriotic Americans supporting the Constitution and the Bill of Rights. The DOJ has issued Investigating Terrorism and Criminal Extremism –Terms and Concepts, a 120-page propaganda addendum described as “a glossary designed primarily as a tool for criminal justice professionals to enhance their understanding of words relating to extremist terminology, phrases, activities, symbols, organizations, and selected names that they may encounter while conducting criminal investigations or prosecutions of members of extremist organizations.”……

The DOJ is now apparently in the business of newspeak. In his dystopian novel on totalitarian government, Nineteen Eighty-Four, George Orwell introduced the term doublethink, from which the terms newspeak and doublethink were later derived. Newspeak has come to mean any attempt by the government to restrict or modify language. The DOJ, in an effort to further demonize a growing patriot movement, has attempted to redefine the word consitutionalist in true newspeak fashion.

The word constitutionalist is now shorthand for the sovereign citizen movement, in other words people who support the Constitution and the Bill of Rights are violent cop killers.

Read Entire Article

--------------------------------------------------------------------------------

Terms From The Obama Administration’s Department Of Justice Publication

Public Intelligence

A recent Department of Justice guide for investigators of criminal and extremist groups lists “constitutionalists” and “survivalists” alongside organizations like Al-Qaeda and the Aryan Brotherhood. The 120-page, “Law Enforcement Sensitive” guide to “Investigating Terrorism and Criminal Extremism – Terms and Concepts” describes itself as “a glossary designed primarily as a tool for criminal justice professionals to enhance their understanding of words relating to extremist terminology, phrases, activities, symbols, organizations, and selected names that they may encounter while conducting criminal investigations or prosecutions of members of extremist organizations.”

Constitutionalist, defined by Random House’s 2010 Dictionary as an “adherent or advocate of constitutionalism or of an existing constitution”, is described in the report as a “generic term for members of the ‘patriot’ movement”. Survivalists are described in the document as fearing a “coming collapse of civilization” and are trying to prepare themselves for this collapse. Such individuals are said to have “typically stockpiled food, water, and weapons, especially the latter, and instructed themselves on topics ranging from first aid to childbirth to edible plants”.

The guide defines the term “New World Order” as being “used by conspiracy theorists to refer to a global conspiracy designed to implement worldwide socialism”. The Bilderberg Group, Trilateral Commission, and Council on Foreign Relations are described as organizations “targeted by right-wing extremists for conspiring to dominate the world”. The guide also defines “One World Government” as the “concept that there will ultimately be a single governing body that will control the world”, adding that “some right-wing extremists fear this occurring, believing that white people will be in the minority, with Jewish people ultimately controlling the world”.

While the document’s introduction does state that “the fact that an entry appears in this publication does not imply a connection to illegal activity”, it goes on to say that the guide consists of “terms that may be germane to members of an extremist movement” or are “singularly employed by specific extremist groups”. The obvious result of the inclusion of terms such as “Bilderberg Group” and “Trilateral Commission” in a report titled “Investigating Terrorism and Criminal Extremism” is that law enforcement officials unaware of these groups will tend to associate legitimate discussion as “extremist” speech. This diminishes the credibility of any person attempting to rationally discuss such groups and fosters a perception that any discussion of such groups could be associated with a supposedly “extremist” ideology.

Examples of “Extremist” Terminology

To see the full list please visit the U.S. Department of Justice Terrorism and Criminal Extremism Terms 2005-2009.

Black Helicopters: Unmarked dark helicopters allegedly observed by many members of the “patriot” movement, who claim that the helicopters are part of some vast conspiracy, perhaps involving the United Nations or the “New World Order.” Various explanations have been offered for some of the sightings, but the term has since entered the popular vocabulary and is often used as a generic, sometimes satirical reference to conspiracy-related beliefs.

Bilderbergers (Bilderberg Group): Along with the Trilateral Commission and the Council on Foreign Relations, one of the three groups targeted by right-wing extremists for conspiring to dominate the world.

Collection (of Information): The identification, location, and recording/storage of unanalyzed information, typically from an original source and using both human and technological means, for input into the intelligence cycle to determine its usefulness in meeting a defined tactical or strategic intelligence goal.

Concentration Camps: Detention camps supposedly being built or already built by the United States government, according to conspiracy theorists.

Constitutionalists: A generic term for members of the “patriot” movement. It is now often used to refer to members of the sovereign citizen or common law court movement. Sometimes the word “constitutionist” is also used.

Council on Foreign Relations (CFR ): Along with the Bilderbergers and the Trilateral Commission, one of the three key groups that conspiracy theorists claim operate behind the scenes to control the world and to establish the “New World Order.”

Executive Orders: The formal means by which the President of the United States determines the conduct of business in the Executive Branch. Typically, such executive orders take two forms: (1) orders governing administrative or policy matters in Executive Branch agencies or (2) orders for which the authority is derived from congressional authorizations. The “patriot” movement, however, contends that executive orders are “presidential laws” that bypass Congress and subvert the Constitution.

Flag of Peace: The American flag preferred by the “patriot” movement; a red, white, and blue flag without any gold trim, braid, balls, tassels, eagles, fringe, or spear on the flag or pole. Patriots believe that any other American flag is a military flag that denotes military jurisdiction. Only under the “flag of peace” do U.S. citizens receive their constitutional rights and due process.

Globalization: This term generally refers to the denationalization of economies, markets, products, and populations brought about by ever faster travel, improved communications, and advances in technology.

Illuminati: An intellectual society and social club formed by a university professor, Adam Weishaupt (1748–1811), in southern Germany in the 1770s in the spirit of the Enlightenment. It was suppressed by Bavarian authorities in the 1780s. Weishaupt spent the rest of his life writing about the Illuminati. People who believe Illuminati conspiracy theories believe the society never died away but lived on, run by people intent on controlling the world through devious means.

Information Warfare: Synonymous with cyberwarfare, information warfare is the offensive and defensive use of information and information systems to deny, exploit, corrupt, or destroy an adversary’s information, information-based processes, information systems, and computer-based networks while protecting one’s own. Such actions are designed to achieve advantages over military or business adversaries.

Jack-Booted Thug (JBT ): A law enforcement officer (especially federal) draped in combat fatigues or other military or paramilitary uniform, wearing a ski mask or similar headgear guaranteeing anonymity, wielding powerful military weapons, and utilizing other military vehicles and gear.

New World Order: A term used by conspiracy theorists to refer to a global conspiracy designed to implement worldwide socialism.

One-World Government: The concept that there will ultimately be a single governing body that will control the world. Some right-wing extremists fear this occurring, believing that white people will be in the minority, with Jewish people ultimately controlling the world.

Open Source Information or Intelligence: Individual data, records, reports, and assessments that may shed light on an investigatory target or event and do not require any legal process or any type of clandestine collection techniques for a law enforcement agency to obtain. Such information is obtained through means that meet copyright and commercial requirements of vendors, as well as being free of legal restrictions to access by anyone who seeks that information.

Patriot Movement: The “patriot” movement is a general term used by its members to describe the collective movements and individuals on the extreme right wing. In one form or another, this practice dates back many decades; in the 1930s, many on the far right referred to themselves as “superpatriots.” In the 1960s and 1970s, it was common to refer to the “Christian Patriot” movement, but this term is less common now than then. Among the types of individuals that can be found within the “patriot” movement are white supremacists, sovereign citizens, tax protesters, militia members, and sometimes antiabortion or anti-environmental groups.

Patriots for Profit: A term used to describe those individuals in the “patriot” movement who perpetrate scams and frauds against other people, usually fellow members of the movement. It also refers to people who attempt to make money by selling various products and “kits” to members of the movement. By far the most numerous of the “patriots for profit” are the people who cater to would-be tax protesters.

Pirate Radio: The operation of radio transmitters without a license from the Federal Communications Commission (FCC). Although some of the most notable pirate stations, such as Free Radio Berkeley, have been primarily left-wing in orientation, a large number of pirate stations adhere to right-wing or antigovernment philosophies.

Sovereign Citizen: A term used to describe adherents to a philosophy derived from the group Posse Comitatus that posits that there are two types of citizens: “Fourteenth Amendment Citizens,” who are subject to the laws and taxes of the federal and state governments, and sovereign citizens, who are subject only to “the common law.” Sovereign citizens claim that they have absolute mastery over all their property (including freedom from taxes, regulations, ordinances, or zoning restrictions), that they essentially do not have to pay taxes (aside from tariffs and a few other insignificant taxes), that they are not citizens of the United States but are “nonresident aliens” with respect to that “illegal corporation,” that the only court which has jurisdiction to try them for any matter is a common law court, and that they can never be arrested or tried for a crime or matter in which there is no complaining victim, as well as various other notions. Typical signs that someone is a sovereign citizen include the use of punctuation between their middle and last names (i.e., John Wayne; Doe); a refusal to have a social security card or any paper, license, or document related to automobile ownership or driving; a refusal to use zip codes; and the displaying on various items—from envelopes to paper money, to time cards, or to forms—of the phrase “UCC 1-207,” or variants thereof. Sovereign citizens are often also known as state citizens, freemen, preamble citizens, common law citizens, or other appellations.

Survivalists: The survivalist movement feared a coming collapse of civilization, generally as the result of nuclear war, and tried to prepare themselves to survive it. Survivalists typically stockpiled food, water, and weapons, especially the latter, and instructed themselves on topics ranging from first aid to childbirth to edible plants.

Tax-Protest Movement: A movement consisting of people who do not simply want to avoid paying taxes but generally claim they should not have to pay them. The right-wing movement started in the 1950s and 1960s and has concentrated on interpreting the Constitution, U.S. law, and the tax code, in particular, in such a way as to be able to claim that most people do not have to pay income taxes. The motivating force behind the right-wing tax-protest movement was to find loopholes, actual or manufactured, that would allow people to claim that they had no tax obligation.

Trilateral Commission: A group, along with the Bilderbergers and the Council on Foreign Relations, that is viewed by the “patriot” movement as being one of the major organizations seeking to implement the “New World Order.” Formed in 1973 by David Rockefeller and Zbigniew Brzezinski, the Trilateral Commission consists of slightly over 300 members from Europe, Japan, and North America (the three main democratic-industrial regions of the world, thus the term “trilateral”). Members include prominent figures in the media, politics, business, and academia. Conspiracy theorists claim it is a group of elitists determined to promote a one-world government.

Craigslist is a Fascist Police State Spy and Surveillance Operation

2011-09-15T11:58:00.000-07:00

Craigslist is a Fascist Police State Spy and Surveillance Operation
----------------------------------------------------------------------

This so-called peace oriented "alternative transportation" online ride service
is nothing but a fascist police state spy and surveillance operation.
Based in San Francisco, California, USA, this police state operation is
in existence to track, monitor and control the alternative transportation
network. They regularily require one to give a phone number in order to post
a ride notice on the Rideshare list.

Giving one's phone number only gives the National Security Agency (NSA)- the largest and most oppressive police state spy agency in America- the ability to listen in your conversations, track your location (in real time) and lock down your residence address in case the American NAZI police state ever wishes to raid your home and arrest you for being a dissident, a terrorist, an enemy combatant or whatever label they want to use to shut you and and shut you down.

G-mail, Yahoo mail and Hotmail also regularily require a phone number in order to open an account or to send e-mail- which many times does not even go through if they determine you are engaged in "suspicious actiity", determined by them what this type of activity actually is! All of this is overseen by the new Jew-funded Nazi fascist
Police State Gestapo Agency known as the Dept of Homeland Security.

Craigslist regularily sets up STING operations to determine when and where riders are going. They have police state operatives who pick up people and set them up for a pre-ordained police state stops and searchs- so as to get your identification and to go through your belongings. Watch out for these filth who advertise themselves offering rides with honda 4 door civics (oh, so good on gas) and dog (oh, so independent) needing to get somewhere fast.

Summit County, Colorado Fascist Police State

2011-09-15T10:38:00.000-07:00

Summit county is quickly becoming a fascist nazi police state.

There are TWICE the number of cops and police cruisers on the streets than are needed here.

The police, instead of serving and protecting the community, have instead been turned

into a force that oppresses and loots the public.

Homeland Security, The US military, the FBI, the CIA, the NSA and the rest of the alphabet soup intelligence

agencies have now been turned on the American people. This is being done because the International

JEWISH Rothschild Banking Cartel, headquartered in the CITY of London, UK, have determined that the entire

Western world is to be brought down and de-industruialized. And there WILL be domestic resistance to the incoming

enslavement as the Jew World Order works to strip us of our freedoms.

Japan has already been destroyed (from a Haarp induced earthquake). The Usa and Europe are both teetering

on complete bankruptcy and collapse (by design)- its a just a matter of time before the whole capitalist world system implodes.

The new model for world society is China and its oppressive police state system of control and surveillance.

This is why we have a new nazi/soviet style police state checkpoint at the dillon dam. This is why there are spy and

surveillance cameras installed everywhere one looks. This is why there are too many cops on patrol in our county.

The new police state "pace" car program being carried out at the I-70 Eisenhower tunnel has absolutely NOTHING to do with

"safety", its about psychological conditioning and getting you to learn to be subservient to police state authority.

There is NO LAW on the books that forces you to follow a pace police car through the Eisenhower Tunnel, therefore

DO NOT obey any illegal program that forces you to submit to any police state presence whatsoever on OUR state highways.

In fact, the #1 economic growth sector in the national economy is homeland security- training more cops,

building more prisons, installing more cameras and developing more oppressive spy and surveillance technology etc...

The federal, state and local governments all now share information- through their so-called "threat fusion" centers-

to track, monitor and oppress the American people. Our freedoms and liberties are their #1 threat.

We the People are the new Al-Qaida. If you're an American citizen, you are now a "terrorist".

Scott Runyon

Breckenridge, Colorado

Jonas the Prophet

2011-09-09T10:27:00.001-07:00

SEE URLS:

http://jonastheprophet.tk

http://jonah.20m.com

http://jonah.50megs.com

This site is CENSORED by most of the major search engines on the Internet.

------------------------------------------------------------------------------

The Coming Extraterrestrial Invasion

2011-09-07T14:43:00.000-07:00

URL:

http://battlestar.i8.com/eti.html

World at 7 Billion in 2011 and Counting...

2011-09-07T13:51:00.000-07:00

URL:

http://www.sciencedaily.com/releases/2011/07/110728144933.htm

----------------------------------------------------------------------------------

World Population to Surpass 7 Billion in 2011; Explosive Population Growth Means Challenges for Developing Nations

----------------------------------------------------------------------------------

In 2011, global population is expected to hit 7 billion. (Credit: © Feng Yu / Fotolia)ScienceDaily (July 28, 2011) — Global population is expected to hit 7 billion later this year, up from 6 billion in 1999. Between now and 2050, an estimated 2.3 billion more people will be added -- nearly as many as inhabited the planet as recently as 1950. New estimates from the Population Division of the Department of Economic and Social Affairs of the United Nations also project that the population will reach 10.1 billion in 2100.

These sizable increases represent an unprecedented global demographic upheaval, according to David Bloom, Clarence James Gamble Professor of Economics and Demography at the Harvard School of Public Health, in a review article published July 29, 2011 in Science.

Over the next forty years, nearly all (97%) of the 2.3 billion projected increase will be in the less developed regions, with nearly half (49%) in Africa. By contrast, the populations of more developed countries will remain flat, but will age, with fewer working-age adults to support retirees living on social pensions.

"Although the issues immediately confronting developing countries are different from those facing the rich countries, in a globalized world demographic challenges anywhere are demographic challenges everywhere," said Bloom.

The world's population has grown slowly for most of human history. It took until 1800 for the population to hit 1 billion. However, in the past half-century, population jumped from 3 to 7 billion. In 2011, approximately 135 million people will be born and 57 million will die, a net increase of 78 million people.

Considerable uncertainty about these projections remains, Bloom writes. Depending on whether the number of births per woman continues to decline, the ranges for 2050 vary from 8.1 to 10.6 billion, and the 2100 projections vary from 6.2 to 15.8 billion.

Population trends indicate a shift in the "demographic center of gravity" from more to less developed regions, Bloom writes. Already strained, many developing countries will likely face tremendous difficulties in supplying food, water, housing, and energy to their growing populations, with repercussions for health, security, and economic growth.

"The demographic picture is indeed complex, and poses some formidable challenges," Bloom said. "Those challenges are not insurmountable, but we cannot deal with them by sticking our heads in the sand. We have to tackle some tough issues ranging from the unmet need for contraception among hundreds of millions of women and the huge knowledge-action gaps we see in the area of child survival, to the reform of retirement policy and the development of global immigration policy. It's just plain irresponsible to sit by idly while humankind experiences full force the perils of demographic change."

--------------------------------------------------------------------------------

Global Crisis Archive

2011-09-07T12:41:00.001-07:00

URL:

http://www.infowars.com/category/global-crisis/

--------------------------------------------------------------

Illegal Surveillance Under the USA PATRIOT Act

2011-09-07T12:12:00.000-07:00

Illegal Surveillance Under the USA PATRIOT Act
------------------------------------------------------------------------------------
URL: http://www.aclu.org/print/national-security/surveillance-under-usa-patriot-act
------------------------------------------------------------------------------------

Surveillance Under the USA PATRIOT Act
December 10, 2010
What is the USA PATRIOT Act?

Just six weeks after the September 11 attacks, a panicked Congress passed the "USA/Patriot Act," an overnight revision of the nation's surveillance laws that vastly expanded the government's authority to spy on its own citizens, while simultaneously reducing checks and balances on those powers like judicial oversight, public accountability, and the ability to challenge government searches in court.

Why Congress passed the Patriot Act

Most of the changes to surveillance law made by the Patriot Act were part of a longstanding law enforcement wish list that had been previously rejected by Congress, in some cases repeatedly. Congress reversed course because it was bullied into it by the Bush Administration in the frightening weeks after the September 11 attack.

The Senate version of the Patriot Act, which closely resembled the legislation requested by Attorney General John Ashcroft, was sent straight to the floor with no discussion, debate, or hearings. Many Senators complained that they had little chance to read it, much less analyze it, before having to vote. In the House, hearings were held, and a carefully constructed compromise bill emerged from the Judiciary Committee. But then, with no debate or consultation with rank-and-file members, the House leadership threw out the compromise bill and replaced it with legislation that mirrored the Senate version. Neither discussion nor amendments were permitted, and once again members barely had time to read the thick bill before they were forced to cast an up-or-down vote on it. The Bush Administration implied that members who voted against it would be blamed for any further attacks - a powerful threat at a time when the nation was expecting a second attack to come any moment and when reports of new anthrax letters were appearing daily.

Congress and the Administration acted without any careful or systematic effort to determine whether weaknesses in our surveillance laws had contributed to the attacks, or whether the changes they were making would help prevent further attacks. Indeed, many of the act's provisions have nothing at all to do with terrorism.

The Patriot Act increases the government's surveillance powers in four areas

The Patriot Act increases the government's surveillance powers in four areas:

1.Records searches. It expands the government's ability to look at records on an individual's activity being held by third parties. (Section 215)
2.Secret searches. It expands the government's ability to search private property without notice to the owner. (Section 213)
3.Intelligence searches. It expands a narrow exception to the Fourth Amendment that had been created for the collection of foreign intelligence information (Section 218).
4."Trap and trace" searches. It expands another Fourth Amendment exception for spying that collects "addressing" information about the origin and destination of communications, as opposed to the content (Section 214).
1. Expanded access to personal records held by third parties

One of the most significant provisions of the Patriot Act makes it far easier for the authorities to gain access to records of citizens' activities being held by a third party. At a time when computerization is leading to the creation of more and more such records, Section 215 of the Patriot Act allows the FBI to force anyone at all - including doctors, libraries, bookstores, universities, and Internet service providers - to turn over records on their clients or customers.

Unchecked power
The result is unchecked government power to rifle through individuals' financial records, medical histories, Internet usage, bookstore purchases, library usage, travel patterns, or any other activity that leaves a record. Making matters worse:

•The government no longer has to show evidence that the subjects of search orders are an "agent of a foreign power," a requirement that previously protected Americans against abuse of this authority.
•The FBI does not even have to show a reasonable suspicion that the records are related to criminal activity, much less the requirement for "probable cause" that is listed in the Fourth Amendment to the Constitution. All the government needs to do is make the broad assertion that the request is related to an ongoing terrorism or foreign intelligence investigation.
•Judicial oversight of these new powers is essentially non-existent. The government must only certify to a judge - with no need for evidence or proof - that such a search meets the statute's broad criteria, and the judge does not even have the authority to reject the application.
•Surveillance orders can be based in part on a person's First Amendment activities, such as the books they read, the Web sites they visit, or a letter to the editor they have written.
•A person or organization forced to turn over records is prohibited from disclosing the search to anyone. As a result of this gag order, the subjects of surveillance never even find out that their personal records have been examined by the government. That undercuts an important check and balance on this power: the ability of individuals to challenge illegitimate searches.
Why the Patriot Act's expansion of records searches is unconstitutional
Section 215 of the Patriot Act violates the Constitution in several ways. It:

•Violates the Fourth Amendment, which says the government cannot conduct a search without obtaining a warrant and showing probable cause to believe that the person has committed or will commit a crime.
•Violates the First Amendment's guarantee of free speech by prohibiting the recipients of search orders from telling others about those orders, even where there is no real need for secrecy.
•Violates the First Amendment by effectively authorizing the FBI to launch investigations of American citizens in part for exercising their freedom of speech.
•Violates the Fourth Amendmentby failing to provide notice - even after the fact - to persons whose privacy has been compromised. Notice is also a key element of due process, which is guaranteed by the Fifth Amendment.
2. More secret searches

For centuries, common law has required that the government can't go into your property without telling you, and must therefore give you notice before it executes a search. That "knock and announce" principle has long been recognized as a part of the Fourth Amendment to the Constitution.

The Patriot Act, however, unconstitutionally amends the Federal Rules of Criminal Procedure to allow the government to conduct searches without notifying the subjects, at least until long after the search has been executed. This means that the government can enter a house, apartment or office with a search warrant when the occupants are away, search through their property, take photographs, and in some cases even seize property - and not tell them until later.

Notice is a crucial check on the government's power because it forces the authorities to operate in the open, and allows the subject of searches to protect their Fourth Amendment rights. For example, it allows them to point out irregularities in a warrant, such as the fact that the police are at the wrong address, or that the scope of the warrant is being exceeded (for example, by rifling through dresser drawers in a search for a stolen car). Search warrants often contain limits on what may be searched, but when the searching officers have complete and unsupervised discretion over a search, a property owner cannot defend his or her rights.

Finally, this new "sneak and peek" power can be applied as part of normal criminal investigations; it has nothing to do with fighting terrorism or collecting foreign intelligence.

3. Expansion of the intelligence exception in wiretap law

Under the Patriot Act, the FBI can secretly conduct a physical search or wiretap on American citizens to obtain evidence of crime without proving probable cause, as the Fourth Amendment explicitly requires.

A 1978 law called the Foreign Intelligence Surveillance Act (FISA) created an exception to the Fourth Amendment's requirement for probable cause when the purpose of a wiretap or search was to gather foreign intelligence. The rationale was that since the search was not conducted for the purpose of gathering evidence to put someone on trial, the standards could be loosened. In a stark demonstration of why it can be dangerous to create exceptions to fundamental rights, however, the Patriot Act expanded this once-narrow exception to cover wiretaps and searches that DO collect evidence for regular domestic criminal cases. FISA previously allowed searches only if the primary purpose was to gather foreign intelligence. But the Patriot Act changes the law to allow searches when "a significant purpose" is intelligence. That lets the government circumvent the Constitution's probable cause requirement even when its main goal is ordinary law enforcement.

The eagerness of many in law enforcement to dispense with the requirements of the Fourth Amendment was revealed in August 2002 by the secret court that oversees domestic intelligence spying (the "FISA Court"). Making public one of its opinions for the first time in history, the court revealed that it had rejected an attempt by the Bush Administration to allow criminal prosecutors to use intelligence warrants to evade the Fourth Amendment entirely. The court also noted that agents applying for warrants had regularly filed false and misleading information. That opinion is now on appeal.

4. Expansion of the "pen register" exception in wiretap law

Another exception to the normal requirement for probable cause in wiretap law is also expanded by the Patriot Act. Years ago, when the law governing telephone wiretaps was written, a distinction was created between two types of surveillance. The first allows surveillance of the content or meaning of a communication, and the second only allows monitoring of the transactional or addressing information attached to a communication. It is like the difference between reading the address printed on the outside of a letter, and reading the letter inside, or listening to a phone conversation and merely recording the phone numbers dialed and received.

Wiretaps limited to transactional or addressing information are known as "Pen register/trap and trace" searches (for the devices that were used on telephones to collect telephone numbers). The requirements for getting a PR/TT warrant are essentially non-existent: the FBI need not show probable cause or even reasonable suspicion of criminal activity. It must only certify to a judge - without having to prove it - that such a warrant would be "relevant" to an ongoing criminal investigation. And the judge does not even have the authority to reject the application.

The Patriot Act broadens the pen register exception in two ways:

"Nationwide" pen register warrants
Under the Patriot Act PR/TT orders issued by a judge are no longer valid only in that judge's jurisdiction, but can be made valid anywhere in the United States. This "nationwide service" further marginalizes the role of the judiciary, because a judge cannot meaningfully monitor the extent to which his or her order is being used. In addition, this provision authorizes the equivalent of a blank warrant: the court issues the order, and the law enforcement agent fills in the places to be searched. That is a direct violation of the Fourth Amendment's explicit requirement that warrants be written "particularly describing the place to be searched."

Pen register searches applied to the Internet
The Patriot Act applies the distinction between transactional and content-oriented wiretaps to the Internet. The problem is that it takes the weak standards for access to transactional data and applies them to communications that are far more than addresses. On an e-mail message, for example, law enforcement has interpreted the "header" of a message to be transactional information accessible with a PR/TT warrant. But in addition to routing information, e-mail headers include the subject line, which is part of the substance of a communication - on a letter, for example, it would clearly be inside the envelope.

The government also argues that the transactional data for Web surfing is a list of the URLs or Web site addresses that a person visits. For example, it might record the fact that they visited "www.aclu.org" at 1:15 in the afternoon, and then skipped over to "www.fbi.gov" at 1:30. This claim that URLs are just addressing data breaks down in two different ways:

•Web addresses are rich and revealing content. The URLs or "addresses" of the Web pages we read are not really addresses, they are the titles of documents that we download from the Internet. When we "visit" a Web page what we are really doing is downloading that page from the Internet onto our computer, where it is displayed. Therefore, the list of URLs that we visit during a Web session is really a list of the documents we have downloaded - no different from a list of electronic books we might have purchased online. That is much richer information than a simple list of the people we have communicated with; it is intimate information that reveals who we are and what we are thinking about - much more like the content of a phone call than the number dialed. After all, it is often said that reading is a "conversation" with the author.
•Web addresses contain communications sent by a surfer. URLs themselves often have content embedded within them. A search on the Google search engine, for example, creates a page with a custom-generated URL that contains material that is clearly private content, such as: http://www.google.com/search?hl=en&lr=&ie=UTF-8&oe=UTF-8&q=sexual+orient...
Similarly, if I fill out an online form - to purchase goods or register my preferences, for example - those products and preferences will often be identified in the resulting URL.
.Published on American Civil Liberties Union (http://www.aclu.org)
Source URL: http://www.aclu.org/national-security/surveillance-under-usa-patriot-act

SAVING THE PLANET

2011-09-07T11:59:00.000-07:00

Spam-cop has "spammed" this website (below).
Spam-cop is run by the fascist international intelligence community (FBI, CIA NSA etc...) to censor websites from being effectively being e-mailed or listed on the major search engines. A "spammed" website sent through as an e-mail will turn up in a recipient's "spam" inbox, instead of the normal e-mail "inbox" where it should end up. Its an ILLEGAL way to censor website content.

Here is the LINK/online book they have CENSORED:

http://pulsar774.tripod.com

Multimedia Linx

2011-09-07T11:54:00.000-07:00

Spam-cop has "spammed" this website (below).
Spam-cop is run by the fascist international intelligence community (FBI, CIA NSA etc...) to censor websites from being effectively being e-mailed or listed on the major search engines. A "spammed" website sent through as an e-mail will turn up in a recipient's "spam" inbox, instead of the normal e-mail "inbox" where it should end up. Its an ILLEGAL way to censor website content.

Here is the LINK they have CENSORED:

http://multimedialinx.tripod.com

Summit County, Colorado Run By Psychopaths

2011-09-02T11:30:00.001-07:00

Summit County, Colorado Run By Psychopaths:
Summer/Fall, 2011
-----------------------------------------------------------------------------------

This county is run by dangerous bona-fide psychopaths. The Frisco peninsula is being/has been destroyed before our very eyes. This area was supposed to be off-limits to developers and loggers and protected for its environmental pristiness for the public to enjoy.

Our beautiful recreational area has now been completely decimated- not by the pine beetle, but by man and machine on the ground- with the loss of 50-100 year old pine forests that will no longer be with us for generations to come. This is a deliberate act of enviromental destruction approved and condoned by local, state and federal bureaucrats and is nothing less than an act of state-sponsored eco-terrorism.

Dillon Dam security and Denver Water need to be physically and forcibly thrown out of this county for the communist-style checkpoint they have set up at the Dillon Dam. Contrary to popular brainwashed beliefs, there are no terrorists.

Every single surveillance camera in this county- those in our supermarkets, in our banks, on our street intersections, in our buses, in our rec centers etc- need to be immediately removed and destroyed. Those police and security agencies who are primarily responsible for approving, implementing and operating this illegal spy and surveillance control grid need to be arrested, prosecuted and jailed for violating the privacy, dignity and integrity of the general public. Its time to call out the National Guard and the US military if those behind this extreme right wing criminal mafia surveillance network are not brought to justice.

Like a metastisizing cancer, Summit County is in the process of literally killing itself. Until the rotten psychopaths who run this county are reigned in and replaced by eco-friendly, life-affirming, just, decent and upright fellow citizens, one can only expect that this cancer will eventually kill its host.

Clive Bunting
BRECKENRIDGE

Exterminate the Jewish Rothschild Banking Cartel

2011-09-02T11:11:00.000-07:00

London, United Kingdom, is the very centre of All EVIL on Earth today.

Dragon symbology and statues are spread all throughout 'the City'; an area embedded within the greater city of London per se', and often reffered to as the richest square mile of land on earth.

On 'the City' of London's coat of arms, again, we find dragons and dragon symbology, signifying and reaffirming that it is Satan, Lucifer, the Devil (referred to repeatedly in Holy Scripture as the Dragon or the Serpent) who really controls the temporal affairs of Men.

Today, 'the City' of London is the global financial capital of 21st century human civilization. New York City, its rival, is in steep decline as witnessed by the continuing fall of the American Dollar in the global economy. One need not look further than the international monetary exchange rates to see that the British Pound is the strongest currency in the world, followed by the European Euro- both superceeding the rapid devaluation of the American Dollar in world affairs. (in 2007: 1 US Dollar= .75 European Euros and .50 British Pounds)

It is the JEWISH House of Rothschild who owns, runs and operates 'the City' of London, rendering it, by far, the richest, wealthiest, most powerful transnational enterprise/empire on Earth. International jewry, therefore, sits at the very head of the emerging European BEAST government, or Revived Roman Empire, commonly referred to today as the European Union. In addition, the British Commonwealth controls roughly 1/4 of the world's nations, peoples and landmasses, making it an additional extension of transnational european jewish power existing beyond the territorial domain of the European Continent.

The true 'source' of international corporate fascism, military warmongering and the global exploitation of land, people and resources today, is NOT the USA per se', but 'the City' of London, which pulls America's strings from on high and channels trillions in profits into the coffers of the International Jewish Corporate Rothschild Empire.

Let the world's REAL superpower (the world's people) therefore, target 'the City' of London for future annihilation and extermination, for herein lies Mankind's #1 enemy. Let the entire spectrum of future protest and confrontation, from non-violent civil resistance and disobedience to deadly Force of Arms (including the use of thermonuclear weapons), be directed against this single diabolical entity in world affairs. Together, let ALL the people of the planet take aim and work together to bring down this Leviathan by ANY AND ALL MEANS NECESSARY until this BEAST is completely overthrown and destroyed- for only then will the human race have a fighting chance to survive as a global civilization on into the 21st century.

Its Official, our Prime Target: London, UK.

--------------------------------------------------------------------------------

Jonas the Prophet
Planet Earth

Alpine Bank of Colorado Closes Global Environmentalist's "Environment" Checking Account

2011-08-31T11:43:00.000-07:00

Alpine Bank of Colorado Closes Global Environmentalist's "Environment" Checking Account
----------------------------------------------------------------------------------
September 1st, 2011

Alpine Bank is NOT a "green" bank.

Although priding themselves in being such, they have betrayed their own core values
to honor, preserve and protect the environment and instead have turned themselves into a military nazi-style run spy and surveillance police state operation.

Teller posts surveillance cameras installed this past year at all Alpine Bank branches (as far as I'm aware), now willfully and maliciously violate customers privacy, dignity and respectability when entering a branch and conducting business.

Because I spoke up, challenged and confronted this illegal spy and surveillance control grid- as is my 1st amendment right to do so- my "environment" account was abruptly terminated. As a global environmentalist, i am more aware than most that the values of promoting, building and sustaining a global green society are dialectically incompatable with the values of running a military nazi-style police state operation. Unfortunately, Alpine Bank has chosen the latter.

It is my hope that the Bank will see the folly of its right wing military police state ways and return to its more progressive core green roots and values in the future, although I see very little chance of that happening in this current paranoid culture of excessive and obsessive security.

If we are going to Save Our Planet for our children and our future generations, institutions such as Alpine Bank (and others) need to radically reverse course and learn to promote an alternative culture of life that honors, promotes and respects the dignity, well-being and integrity of its customers, not their enslavement.

Regards,

Steve Jones
Global Environmentalist
Dillon, Colorado
USA

Ex-Alpine Bank Environment Account
Ex-Account #: 3350120278

SAVING THE PLANET:
http://pulsar774.tripod.com
----------------------------------------------------------------------------------

The US Homeland Security Complex: The Decades Biggest Scam

2011-08-29T16:36:00.000-07:00

URL:

http://www.commondreams.org/view/2011/08/29-10
-------------------------------------------------------------------------------------

Published on Monday, August 29, 2011 by Salon.com

The Decade's Biggest Scam

by Glenn Greenwald

The Los Angeles Times examines the staggering sums of money expended on patently absurd domestic "homeland security" projects: $75 billion per year for things such as a Zodiac boat with side-scan sonar to respond to a potential attack on a lake in tiny Keith County, Nebraska, and hundreds of "9-ton BearCat armored vehicles, complete with turret" to guard against things like an attack on DreamWorks in Los Angeles. All of that -- which is independent of the exponentially greater sums spent on foreign wars, occupations, bombings, and the vast array of weaponry and private contractors to support it all -- is in response to this mammoth, existential, the-single-greatest-challenge-of-our-generation threat:

"The number of people worldwide who are killed by Muslim-type terrorists, Al Qaeda wannabes, is maybe a few hundred outside of war zones. It's basically the same number of people who die drowning in the bathtub each year," said John Mueller, an Ohio State University professor who has written extensively about the balance between threat and expenditures in fighting terrorism.

Last year, McClatchy characterized this threat in similar terms: "undoubtedly more American citizens died overseas from traffic accidents or intestinal illnesses than from terrorism." The March, 2011, Harper's Index expressed the point this way: "Number of American civilians who died worldwide in terrorist attacks last year: 8 -- Minimum number who died after being struck by lightning: 29." That's the threat in the name of which a vast domestic Security State is constructed, wars and other attacks are and continue to be launched, and trillions of dollars are transferred to the private security and defense contracting industry at exactly the time that Americans -- even as they face massive wealth inequality -- are told that they must sacrifice basic economic security because of budgetary constraints.

Despite these increasing economic insecurities -- actually, precisely because of them -- the sprawling domestic Security State continues unabated. The industry journal National Defense Magazine today trumpets: "Homeland Security Market ‘Vibrant’ Despite Budget Concerns." It details how budget cuts mean "homeland security" growth may not be as robust as once predicted, but "Lockheed Martin, General Dynamics, Boeing and Northrop Grumman . . . have been winning more contracts from DHS"; as a Boeing spokesman put it: "You’ll still continue to see domestically significant investment on the part of the government and leveraging advances in technology to stand up and meet those emerging threats and needs.”

Of course, the key to sustaining this Security State bonanza -- profit for private industry and power for Security State officials -- is keeping fear levels among the citizenry as high as possible, as National Defense expressly notes, and that is accomplished by fixating even on minor and failed attacks, each one of which is immediately seized upon to justify greater expenditures, expansion of security measures, and a further erosion of rights:

Polls still show that there is increasing public concern about another terrorist attack. It is this fear and an unrealistic American perception of risk that will continue to propel some aspects of the market, analysts say. . . .

Small-scale attacks, whether successful or not, will continue to prompt additional spending, the market analysts at Homeland Security Research Corp. say. They point to the failed 2009 Christmas plot of a man trying to blow up a flight to Detroit with explosives sewn into his underwear and the attempted car-bombing in Times Square early the next year. Though unsuccessful, these events led to immediate White House intervention, congressional hearings and an airport screening upgrade costing more than $1.6 billion.

The LA Times, while skillfully highlighting these wasteful programs, depicts them as some sort of unintended inefficiencies. That is exactly what they are not. None of this is unintended or inefficient but is achieving exactly the purposes for which it is designed. That's true for two reasons.

First, this wastefulness is seen as inefficient only if one falsely assumes that its real objective is to combat Terrorist threats. That is not the purpose of what the U.S. Government does. As Daniel Weeks explains today, the Congress -- contrary to popular opinion -- is not "broken"; it is working perfectly for its actual owners. Or, as he puts it, "Washington isn't broken -- it’s fixed":

Our problem today is not a broken government but a beholden one: government is more beholden to special-interest shareholders who fund campaigns than it is to ordinary voters. Like any sound investor, the funders seek nothing more and nothing less than a handsome return -- deficits be darned -- in the form of tax breaks, subsidies and government contracts.

The LA Times, and most people who denounce these spending "inefficiencies," have the causation backwards: fighting Terrorism isn't the goal that security spending is supposed to fulfill; the security spending (and power vested by surveillance) is the goal itself, and Terrorism is the pretext for it. For that reason, whether the spending efficiently addresses a Terrorism threat is totally irrelevant.

Second, while the Security State has little to do with addressing ostensible Terrorist threats, it has much to do with targeting perceived domestic and political threats, especially threats brought about by social unrest from austerity and the growing wealth gap. This Alternet article by Sarah Jafee, entitled "How the Surveillance State Protects the Interests Of the Ultra-Rich," compiles much evidence -- including what I offered two weeks ago -- demonstrating that the prime aim of the growing Surveillance State is to impose domestic order, preserve prevailing economic prerogatives and stifle dissent and anticipated unrest.

Read the full article at Salon.com

------------------------------------------------------------------------------------

Glenn Greenwald was previously a constitutional law and civil rights litigator in New York. He is the author of the New York Times Bestselling book "How Would a Patriot Act?," a critique of the Bush administration's use of executive power, released in May 2006. His second book, "A Tragic Legacy", examines the Bush legacy. His next book is titled "With Liberty and Justice for Some: How the Law Is Used to Destroy Equality and Protect the Powerful."

more Glenn Greenwald

.
--------------------------------------------------------------------------------

Article printed from www.CommonDreams.org

Source URL: http://www.commondreams.org/view/2011/08/29-10
.

Fukushima cesium leaks 'equal 168 Hiroshima bombs

2011-08-26T10:44:00.000-07:00

Fukushima cesium leaks 'equal 168 Hiroshima bombs
-----------------------------------------------------------------------------------

TOKYO —
The Japanese government estimates the amount of radioactive cesium-137 released by the Fukushima nuclear disaster so far is equal to that of 168 Hiroshima bombs, a news report said Thursday.

Government nuclear experts, however, said the World War II bomb blast and the accidental reactor meltdowns at Fukushima, which has seen ongoing radiation leaks but no deaths so far, were beyond comparison.

The amount of cesium-137 released since the three reactors were crippled by the March 11 quake and tsunami has been estimated at 15,000 tera becquerels, the Tokyo Shimbun reported, quoting a government calculation.

That compares with the 89 tera becquerels released by “Little Boy”, the uranium bomb the United States dropped on the western Japanese city in the final days of World War II, the report said.

The estimate was submitted by Prime Minister Naoto Kan’s cabinet to a lower house committee on promotion of technology and innovation, the daily said.

The government, however, argued that the comparison was not valid.

While the Hiroshima bomb claimed most of its victims in the intense heatwave of a mid-air nuclear explosion and the highly radioactive fallout from its mushroom cloud, no such nuclear explosions hit Fukushima.

There, the radiation has seeped from molten fuel inside reactors damaged by hydrogen explosions.

“An atomic bomb is designed to enable mass-killing and mass-destruction by causing blast waves and heat rays and releasing neutron radiation,” the Tokyo Shimbun daily quoted a government official as saying. “It is not rational to make a simple comparison only based on the amount of isotopes released.”

Government officials were not immediately available to confirm the report.

The blinding blast of the Hiroshima bomb and its fallout killed some 140,000 people, either instantly or in the days and weeks that followed as high radiation or horrific burns took their toll.

At Fukushima, Japan declared a 20-kilometer evacuation and no-go zone around the plant after the March 11 quake and tsunami triggered the world’s worst nuclear accident since Chernobyl 25 years ago.

A recent government survey showed that some areas within the 20-kilometer zone are contaminated with radiation equivalent to more than 500 millisieverts per year—25 times more than the government’s annual limit.

© 2011 AFP

STOP the Destruction of the Frisco Peninsula!

2011-08-26T08:23:00.001-07:00

For those who haven't noticed yet, the county

is completely destroying the Frisco peninsula.

All of the trees are being cut down- thanks to

the collusion between the corporate military-

infested US Forest Service and greedy tree-

cutting companies.

Its not enough that our forests are killed by a

rich, arrogant, decadent gas-guzzling culture of

materialism and overconsumption, the tree-cutters

and bureaucracies that endorse and carry out

this type of wanton destruction are so INSANE

that they see nothing but dollar bills and profit

(at the expense of our recreation areas and bike paths)

in dead and dying trees caused by rapid global

climate change.

Tree-cutting- or should i say environmentally

destructive "clear-cutting" -is so out of control in this

county, it falls into the catagory of criminal conduct.

Therefore, i call for the immediate arrest, prosecution

and incarceration (into Guantanamo) of all US Forest

Service, Summit County and private contractor tree-

cutting officials and personnel engaged in these

act of ecoterrorism upon our local forest environment.

Shane Wright

Crown Point Rd

Frisco, Colorado

~all the birds and chipmunks REALLY thank you Summit County

for destroying our habitat. Nature's PAYBACK is on the way......

The Whole World Will Be Exposed From The Radiation From Fukushima

2011-08-23T13:24:00.000-07:00

"The Whole World Will Be Exposed From The Radiation From Fukushima"
--------------------------------------------------------------------------------
URL: http://www.washingtonsblog.com/2011/08/whole-world-will-be-exposed-from.html

---------------------------------------------------------------------------------

Physicist Michio Kaku appeared on 60 Minutes (the Australian edition), and said:

The whole world will be exposed from the radiation from Fukushima.

[The Japanese people] are guinea pigs, absolute human guinea pigs.

In fact, radiation experts say that huge quantities of radiation are currently being released by Fukushima.

In addition to direct releases, the Japanese are burning radioactive material, putting much more radioactivity into the air.

Japanese doctors are warning about the dangers of radiation for the Japanese people ... especially kids.

Nuclear expert Arnie Gundersen says that radioactive rain-outs were documented recently in British Columbia and Oklahoma with geiger counters.

And former Nasa photo analyst Michael Rivero - who has been measuring radiation levels in Oahu, Hawaii, every day since the Japanese earthquake - reports the highest radiation readings yet are occurring right now.

Postscript: No, the levels of radiation we're being exposed to are not safe. And see this.
2 comments:

signalfire said...

We've got 10 years, tops, to figure out how to clean radiation from the oceans of the world and how to treat aggressive radiation caused cancers in upwards of 90% of the population, every species.

We have less time than that to figure out how to stop letting the arrogant sociopaths rule our economies and our technologies.
August 18, 2011 10:31 PM
Foppe said...

Tepco responds to Independent article: http://www.newscientist.com/article/dn20811-did-quake-or-tsunami-cause-fukushima-meltdown.html (article very vague on details.)
August 20, 2011 8:45 AM

Post a Comment

→ Thank you for contributing to the conversation by commenting. We try to read all of the comments (but don't always have the time).

→ If you write a long comment, please use paragraph breaks. Otherwise, no one will read it. Many people still won't read it, so shorter is usually better (but it's your choice).

→ The following types of comments will be deleted if we happen to see them:

-- Comments that criticize any class of people as a whole, especially when based on an attribute they don't have control over

-- Comments that explicitly call for violence

→ Because we do not read all of the comments, I am not responsible for any unlawful or distasteful comments.

Newer Post Older Post Home
Subscribe to: Post Comments (Atom)
Twitter
profile
Washington
WashingtonsBlog

Forget the Banks ... "If You Take Households In Total, They Are Also All Interconnected. They Are Also Too Big To Fail" http://t.co/PBICK5W 13 hours ago · reply · retweet · favorite

Radiation Will Pollute the Area Around Chernobyl Up 10 Times Longer Than Models Predicted - Between 180 and 320 Years. http://t.co/byXC0i1 19 hours ago · reply · retweet · favorite

Libyan War: Gaddafi Falls ... But Why Did We Invade In The First Place? http://t.co/YaJc2Ox yesterday · reply · retweet · favorite

I-N-S-O-L-V-E-N-T: Citigroup Was In Debt To The Fed 7 Out Of Every 10 Days From August 2007 Through April 2010. http://t.co/q4DbfMb yesterday · reply · retweet · favorite
Join the conversation
Followers
translate
Subscribe
Posts
Comments
contact
Pen
We read all emails sent to us, but are too busy to respond to many. We greatly appreciate the feedback and leads.

If you wish to reproduce any essays from this site:

You may reproduce our essays as long as you give proper attribution (Washington's Blog) and provide a link to our site.
Click Here For Free Financial And Energy Widgets

Blog Archive

▼ 2011 (494)
▼ August (72)
Forget the Banks ... "If You Take Households In To...
Radiation Will Pollute the Area Around Chernobyl F...
Libya War: Gaddafi Falls ... But Why Did We Invade...
I-N-S-O-L-V-E-N-T: Citigroup Was In Debt To The Fe...
By Choosing The Big Banks Over The Little Guy, The...
Photos: Oil At BP's Deepwater Horizon Gulf Spill S...
D.C. is Like a Separate Country ... One Which Coul...
What Wordpress Template Should We Use?
You Are NOT Authorized to Watch This Video ... Do ...
Fukushima Worker On Camera: “The Holes And Cracks ...
Amazing Science Breakthroughs
Corruption At The Top Leads To Lawlessness By The ...
Ron Paul "Just Think Of All Those Troops Spending ...
The Real Reason the SEC Has Been Shredding Documen...
"The Whole World Will Be Exposed From The Radiatio...
Gold Will Crash As Soon As the Economy Stabilizes....
"Vermont Health Officials Say Radioactive Tritium ...
BP's Gulf Oil Well May Be Leaking AGAIN: "The Oil...
Roubini: "Gold, Like US Treas Yields, Is Pricing R...
Chavez Nationalizes Venezuela's Gold Industry, Rec...
U.S. Knew Within Days that Fukushima Had Melted Do...
Radiation Expert: Huge Quantities of Radiation Are...
Report: Workers Say Ground Under Fukushima Plant I...
"The Global Plutocracy Is Terrified of Dissent. In...
Must-Watch Video: Popular MSNBC Anchor Reports the...
Quantitative Easing: "Didn't Work", "Is Good For T...
1-Year Gold Price Forecasts: JP Morgan Predicts $2...
Free Market Economist Nouriel Roubini: "Karl Marx ...
48% Think Spending Cuts Could Trigger Violence
No, Mr. Krugman … War is NOT Good for the Economy
Galbraith: "Stimulus Alone Was Never Going To Brin...
Corporate Media Admit They Censor Candidates Who C...
Nuclear Expert: Radioactive Rain-Outs Will Contin...
Austerity and Runaway Inequality Lead to Violence ...
The Meaning of the British Riots
Both Consumer Confidence And The Labor Participati...
The World's Money Is Draining Away ... Where's It ...
Bush and Clinton Counter-Terrorism Czar Alleges Ma...
Clusterfukushima
Bank of America Stock Is Up ... But So Are Credit ...
"It's A Bought Tax Code. We're Harvesting Trillion...
Obama Is Implementing Plans For War Throughout the...
Former Labor Secretary: Obama Hopes to Distract th...
Psychologists: “The Idea Of Nobless Oblige Or Tric...
Legendary Investor Jeremy Grantham: America is a B...
Fun With Google Translate
CNBC: British Riots - And Unrest Worldwide - Cause...
Mad As Hell
Obama The Pretend Populist: Says He's Fighting For...
Dow Falls 635: Sixth Biggest Stock Market Crash E...
Ongoing Scalping of Americans and "Never-Ending De...
Bank of America Down 20% Today After Being Sued by...
Fannie and Freddie Downgraded, France Will Be Down...
Credit Downgrade May Hammer Munis and Stocks Inste...
Christina Romer On Credit Downgrade: We're "Pretty...
Rasmussen Poll: American Sentiment is "Pre-Revolu...
America Loses AAA Credit Rating (Being The Militar...
Risk Off!
Why the Market Is Tanking
Will Easing By The Swiss Central Bank Drive Invest...
If Bruce Lee Played Soccer
Poll: Christians Are Much More Likely to Condone ...
Do Gold Prices Rise Whenever the Debt Ceiling is R...
Fukushima Radiation Highest Ever, Exceeding Capaci...
The Super Congress: Taxation Without Representatio...
The Average Life Expectancy For A Fiat Currency Is...
Website Design: Clean and Crisp ... Or Too Minimal...
“Even By American Legislative Standards, This Deal...
Obama Still Wall Street's Honey ... Raises More (A...
Mainstream Media Is A Cheerleader for Fear
"Many Americans Believe That The 2008-2009 Downtur...
36-Year Congressman John Conyers Calls for Protest...

Towards a World War III Scenario, Global Research Publication

2011-08-23T13:20:00.001-07:00

Towards a World War III Scenario.
New E-Book from Global Research Publishers

By Michel Chossudovsky
---------------------------------------------------------------------------------------
Global Research, June 30, 2011

The following is a preview from the preface of a newly released E-book by Global Research Publishers

"Towards a World War III Scenario: The Dangers of Nuclear War" by Michel Chossudovsky

E-Book Series No. 1.0
Global Research Publishers
Montreal, 2011,
ISBN 978-0-9737147-3-9

76 pages (8.5x11)
Tables, color photographs, maps, text boxes.
Active hyperlinks to major references in the text, hyperlinked footnotes.

Scroll down for Detailed Table of Contents
Order your pdf of this important new book from Global Research here

Introductory offer: $5.00 (plus $1.50 processing fee. Sent directly to your email!)
OR receive this book FREE with your Global Research Annual Membership! Click to learn more.

The World is at a critical crossroads. The Fukushima disaster in Japan has brought to the forefront the dangers of Worldwide nuclear radiation.

Coinciding with the onset of the nuclear crisis in Japan, a new regional war theater has opened up in North Africa, under the disguise of a UN sponsored "humanitarian operation" with the mandate to "protect civilian lives".

These two seemingly unrelated events are of crucial importance in understanding both the nuclear issue as well as the ongoing US-NATO sponsored war, which has now extended its grip into Libya. The crisis in Japan has been described as "a nuclear war without a war". Its potential repercussions, which are yet to be fully assessed, are far more serious than the Chernobyl disaster, as acknowledged by several scientists.

The crisis in Japan has also brought into the open the unspoken relationship between nuclear energy and nuclear war. Nuclear energy is not a civilian economic activity. It is an appendage of the nuclear weapons industry which is controlled by the so-called defense contractors. The powerful corporate interests behind nuclear energy and nuclear weapons overlap. In Japan at the height of the disaster, "the nuclear industry and government agencies [were] scrambling to prevent the discovery of atomic-bomb research facilities hidden inside Japan's civilian nuclear power plants".[1] The media consensus is that the crisis at Fukushima's five nuclear power plants has been contained. The realties are otherwise. The Japanese government has been obliged to acknowledge that "the severity rating of its nuclear crisis ... matches that of the 1986 Chernobyl disaster". Moreover, the dumping of highly radioactive water into the Pacific Ocean constitutes a potential trigger to a process of global radioactive contamination. Radioactive elements have not only been detected in the food chain in Japan, radioactive rain water has been recorded in California:

"Hazardous radioactive elements being released in the sea and air around Fukushima accumulate at each step of various food chains (for example, into algae, crustaceans, small fish, bigger fish, then humans; or soil, grass, cow's meat and milk, then humans). Entering the body, these elements - called internal emitters - migrate to specific organs such as the thyroid, liver, bone, and brain, continuously irradiating small volumes of cells with high doses of alpha, beta and/or gamma radiation, and over many years often induce cancer".[2]

A New War Theater in North Africa

The War on Libya was launched within days of the Fukushima disaster. As we go to press, a dangerous process of military escalation is ongoing. NATO warplanes are hitting civilian targets in Libya including residential areas and government buildings in violation of international law.

The war on Libya is an integral part of the broader military agenda in the Middle East and Central Asia which until recently consisted of three distinct areas of conflict : Afghanistan and Pakistan (the AfPak War), Iraq, Palestine. A fourth war theater has opened up in North Africa, which raises the issue of escalation over a vast geographical area. These four war theaters are interrelated. They are part of a broader region of conflict, which extends from North Africa and the Middle East, engulfing a large part of the Mediterranean basin, to China's Western frontier with Afghanistan, and Northern Pakistan.

How does the war on Libya relate to this broader US-NATO military agenda?

Is a World War III scenario unfolding?

Is the use of nuclear weapons contemplated in North Africa?

With regard to nuclear doctrine, the concept of a US sponsored pre-emptive nuclear attack applies to a number of countries or "rogue states" including Libya. An all out war against the Qadhafi regime has been on the drawing board of the Pentagon for more than 20 years, Moreover, Libya was the first country to be tagged for a preemptive attack using tactical nuclear weapons.[3] The Clinton administration's plan to nuke Libya had been announced in no uncertain terms in a 1996 Department of Defense press briefing:

"[The] Air Force would use the B61-11 [nuclear weapon] against Libya's alleged underground chemical weapons plant at Tarhunah if the President decided that the plant had to be destroyed. 'We could not take [Tarhunah] out of commission using strictly conventional weapons,' Smith told the Associated Press. The B61-11 'would be the nuclear weapon of choice,' he [Assistant Secretary of Defense Harold P. Smith] told Jane Defence Weekly.[4]

Clinton's Defense Secretary William Perry had confirmed in a statement to the Senate Foreign Relations Committee that "the U.S. retained the option of using nuclear weapons against countries [e.g. Libya] armed with chemical and biological weapons."[5] The Department of Defense's objective was to fast track the "testing" of the B61-11 nuclear bomb on an actual country and that country was Libya: "Even before the B61 came on line, Libya was identified as a potential target".[6]

While the 1996 plan to bomb Libya using tactical nuclear weapons was subsequently shelved, Libya was not removed from the "black list": "The Qadhafi regime" remains to this date a target country for a pre-emptive ("defensive") nuclear attack. As revealed by William Arkin in early 2002, "The Bush administration, in a secret policy review... [had] ordered the Pentagon to draft contingency plans for the use of nuclear weapons against at least seven countries, naming not only Russia and the "axis of evil" Iraq, Iran, and North Korea but also China, Libya and Syria.[7]

Operation Odyssey Dawn. Nuclear Weapons against Libya? How Real is the Threat?

Has the project to nuke Libya been definitively shelved or is Libya still being contemplated as a potential target for a nuclear attack? (This preface serves as an update on the potential dangers of a nuclear war against a defenseless non-nuclear State). The air campaign directed against Libya commenced on March 19, 2011. America deployed its Bat-shaped B-2 Spirit Stealth bombers operating out of the Whiteman Air Force Base in Missouri. Described as "deadly and effective", the B-2 was used as an instrument of "humanitarian warfare".

Barely two weeks after the commencement of the war, the Pentagon announced the testing of the B61-11 nuclear bomb using the same B-2 Stealth bombers which had been deployed to Libya at the very outset of Operation Odyssey Dawn. The B-2 Spirit Stealth bomber is the US Air Force's chosen "carrier" for the delivery of the B61-11 nuclear bomb. These timely tests pertained to the installed equipment, functionality and weapon's components of the B61-11 nuclear bomb. The tests were conducted by the B-2 bombers operating out of the same Air Force base, from which the B-2 bombing raid on Libya were conducted.[8]

Is the timing of these tests in any way related to the chronology of the Libya bombing campaign?

The U.S. Air Force Global Strike Command was in charge of both the JTA tests of the B61-11 as well as the deployment of three B-2 Spirit Stealth bombers to Libya on March 19 under operation Odyssey Dawn. Both the deployment of the B-2s to the Libya war theater as well as the tests of the equipment of the B61-11 (using the B-2 bomber for delivery) were coordinated out of Whiteman Air Force base.

America's Long War: The Global Military Agenda

The US has embarked on a military adventure, “a long war”, which threatens the future of humanity. The first two chapters of this E-book focus on the "Cult of Death and Destruction" underlying this global military agenda. US-NATO weapons of mass destruction are portrayed as instruments of peace. Mini-nukes are said to be "harmless to the surrounding civilian population". Pre-emptive nuclear war is portrayed as a "humanitarian undertaking". Nuclear war has become a multibillion dollar undertaking, which fills the pockets of US defense contractors. What is at stake is the outright "privatization of nuclear war".

US nuclear doctrine is intimately related to "America's War on Terrorism" and the alleged threat of Al Qaeda, which in a bitter irony is considered as an upcoming nuclear power. Under the Obama administration, Islamic terrorists are said to be preparing to attack US cities. Proliferation is tacitly equated with “nuclear terrorism”. Obama's nuclear doctrine puts particular emphasis on “nuclear terrorism” and on the alleged plans by Al Qaeda to develop and use nuclear weapons.

Chapter III focusses on America's Holy Crusade and the Battle for Oil. The “Global War on Terrorism” requires going after the terrorists, using advanced weapons systems. US foreign policy upholds a pre-emptive religious-like crusade against evil, which serves to obscure the real objectives of military action. In the inner consciousness of Americans, the attacks of September 11, 2001 justify acts of war and conquest against evil-doers. The Global War on Terrorism is presented as a “clash of civilizations”, a war between competing values and religions, when in reality it is an outright war of conquest, guided by strategic and economic objectives. The lies behind 9/11 are known and documented. The American people’s acceptance of this crusade against evil is not based on any rational understanding or analysis of the facts. "The American inquisition" purports to extend Washington’s sphere of influence. Military intervention is justified as part of an international campaign against “Islamic terrorists”. Its ultimate intention, which is never mentioned in press reports, is territorial conquest and control over strategic resources. Ironically, under the Global War on Terrorism, these plans of conquest are instrumented by covertly supporting Islamic paramilitary armies, which are then used to destabilize non-compliant governments and impose Western standards of "governance" and "democracy".

World War III Scenario

The contours of a World War III scenario are discussed in Chapter IV. The Pentagon’s global military design is one of world conquest. The military deployment of US-NATO forces is occurring in several regions of the World simultaneously. Militarization at the global level is instrumented through the US military's Unified Command structure: the entire planet is divided up into geographic Combatant Commands under the control of the Pentagon. According to (former) NATO Commander General Wesley Clark, the Pentagon’s military road-map consists of a sequence of war theaters: “[The] five-year campaign plan [includes]... a total of seven countries, beginning with Iraq, then Syria, Lebanon, Libya, Iran, Somalia and Sudan.”

Chapter V focusses on war preparations pertaining to Iran, including the launching of a pre-emptive nuclear attack on the Islamic Republic. While Iran remains on the Pentagon's drawing board, a fundamental shift in the sequencing of military operations has occurred. The US-NATO-Israel alliance realizes that Iran has significant capabilities to respond and retaliate. With the onset of the US-NATO led war in North Africa, Washington and its allies have chosen to wage war on countries with lesser military capabilities. This factor in itself has been crucial in the decision by the US and its allies to put "the Iran operation" on hold, while launching a "humanitarian war" on Libya.

How to Reverse the Tide of War

Chapter VI focusses on antiwar actions directed against this diabolical military agenda. Central to an understanding of war, is the media campaign which grants it legitimacy in the eyes of public opinion. A good versus evil dichotomy prevails. The perpetrators of war are presented as the victims. Public opinion is misled: “We must fight against evil in all its forms as a means to preserving the Western way of life.” Breaking the "big lie" which upholds war as a humanitarian undertaking, means breaking a criminal project of global destruction, in which the quest for profit is the overriding force. This profit-driven military agenda destroys human values and transforms people into unconscious zombies.

The holding of mass demonstrations and antiwar protests is not enough. What is required is the development of a broad and well organized grassroots antiwar network, across the land, nationally and internationally, which challenges the structures of power and authority. People must mobilize not only against the military agenda, the authority of the state and its officials must also be challenged. This war can be prevented if people forcefully confront their governments, pressure their elected representatives, organize at the local level in towns, villages and municipalities, spread the word, inform their fellow citizens as to the implications of a nuclear war, initiate debate and discussion within the armed forces.

The object of this E-Book is to forcefully reverse the tide of war, challenge the war criminals in high office and the powerful corporate lobby groups which support them.

Break the American Inquisition.

Undermine the US-NATO-Israel military crusade.

Close down the weapons factories and the military bases.

Members of the armed forces should disobey orders and refuse to participate in a criminal war.

Bring home the troops.

Notes

1. See Yoichi Shimatsu, Secret Weapons Program Inside Fukushima Nuclear Plant? Global Research, April 12, 2011
2. Helen Caldicott, Fukushima: Nuclear Apologists Play Shoot the Messenger on Radiation, The Age, April 26, 2011
3. See Michel Chossudovsky, America's Planned Nuclear Attack on Libya, Global Research, March 25, 2011.
4. Federation of American Scientists, The Nuclear Information Project: the B61-11
5. Ibid, See also Greg Mello, The Birth Of a New Bomb; Shades of Dr. Strangelove! Will We Learn to Love the B61-11? The Washington Post, June 1, 1997
6. Bulletin of the Atomic Scientists - September/ October 1997, p. 27. For further details see Michel Chossudovsky, America's Planned Nuclear Attack on Libya, Global Research, March 25, 2001
7. See William Arkin, "Thinking the Unthinkable", Los Angeles Times, March 9, 2002.
8. In late March or early April (prior to April 4), the B-2 Spirit Stealth bomber from the 509th Bomber Wing operating out of Whiteman Air Force Base, was used in the so-called "Joint Test Assembly" (JTA) of the B61 Mod 11 nuclear bomb.
The announcement of these tests was made public on April 4; the precise date of the tests was not revealed, but one can reasonably assume that it was in the days prior to the April 4 press release by the National Nuclear Security Administration (NNSA. Press Release, NNSA Conducts Successful B61-11 JTA Flight Test, April 4, 2011. For further details see Michel Chossudovsky, Dangerous Crossroads: Is America Considering the Use of Nuclear Weapons against Libya? Global Research, April 7, 2011

Montreal, May 2011

Order your pdf of this important new book from Global Research here
Introductory offer: $5.00 (plus $1.50 processing fee. Sent directly to your email!)
OR receive this book FREE with your Global Research Annual Membership! Click to learn more.

Michel Chossudovsky is an award-winning author, Professor of Economics (Emeritus) at the University of Ottawa. He is the Founder and Director of the Centre for Research on Globalization (CRG), Montreal and Editor of the globalresearch.ca website. He is the author of The Globalization of Poverty and The New World Order (2003) and America’s “War on Terrorism” (2005). He is also a contributor to the Encyclopaedia Britannica. His writings have been published in more than twenty languages.

This E-Book is dedicated to the memory of Dr. Alice C. Tang, who devoted her life to global peace, the pursuance of truth, military disarmament and the prevention of nuclear war. Alice Tang's proposal was titled “Two Percent, No First Strike.” The pledge would be that no nation shall spend more than 2 percent of its GDP on military purposes, and no nation would be a “first strike” aggressor with nuclear weapons.

Acknowledgments

Research for this E-book was conducted over a period of almost ten years. Our sincere thanks to Global Research members and our readers, whose support has enabled us to develop our publishing and educational outreach activities.

I am much indebted to Maja Romano of the Center for Research on Globalization (CRG) for her support in the editing process as well for the creative design of the front page graphics. I extend my thanks and appreciation to Réjean Mc Kinnon, for the careful typesetting, layout and production of the E-Book and to Drew McKevitt for her assistance in the copyediting of the manuscript.

"Towards a World War III Scenario: The Dangers of Nuclear War" by Michel Chossudovsky

E-Book Series No. 1.0
Global Research Publishers
Montreal, 2011

ISBN 978-0-9737147-3-9
76 pages (8.5x11)
Tables, color photographs, maps, text boxes.
Active hyperlinks to major references in the text, hyperlinked footnotes.

Order your pdf of this important new book from Global Research here

Introductory offer: $5.00 (plus $1.50 processing fee. Sent directly to your email!)
OR receive this book FREE with your Global Research Annual Membership! Click to learn more.

DETAILED TABLE OF CONTENTS

PREFACE

A New War Theater in North Africa
Operation Odyssey Dawn
Nuclear Weapons against Libya? How Real is the Threat?
America's Long War: The Global Military Agenda
How to Reverse the Tide of War
World War III Scenario
Acknowledgments

CHAPTER I: INTRODUCTION

The Cult of Killing and Destruction
America’s Mini-nukes
War and the Economic Crisis
Real versus Fake Crises

CHAPTER II: THE DANGERS OF NUCLEAR WAR

Hiroshima Day 2003: Secret Meeting at Strategic Command Headquarters
The Privatization of Nuclear War: US Military Contractors Set the Stage
9/11 Military Doctrine: Nuclear Weapons and the “Global War on Terrorism”
Al Qaeda: “Upcoming Nuclear Power”
Obama’s Nuclear Doctrine: The 2010 Nuclear Posture Review
Post 9/11 Nuclear Doctrine
“Defensive” and “Offensive” Actions
“Integration” of Nuclear and Conventional Weapons Plans
Theater Nuclear Operations (TNO)
Planned Aerial Attacks on Iran
Global Warfare: The Role of US Strategic Command (USSTRATCOM)
Nuclear Weapons Deployment Authorization
Israel’s Stockpiling of Conventional and Nuclear Weapons
The Role of Western Europe
Germany: De Facto Nuclear Power
Pre-emptive Nuclear War: NATO’s 2010 Strategic Concept
The World is at a Critical Crossroads

CHAPTER III: AMERICA’S HOLY CRUSADE AND THE BATTLE FOR OIL

America’s Crusade in Central Asia and the Middle East
“Homegrown Terrorists”
The American Inquisition
Washington’s Extrajudicial Assassination Program
The Battle for Oil
The Oil Lies in Muslim Lands
Globalization and the Conquest of the World’s Energy Resources

CHAPTER IV: PREPARING FOR WORLD WAR THREE

Media Disinformation
A “Pre-emptive” Aerial Attack Directed Against Iran would Lead to Escalation
Global Warfare
US “Military Aid”
The Timetable of Military Stockpiling and Deployment
World War III Scenario
The United Nations Security Council
The American Inquisition: Building a Political Consensus for War

CHAPTER V: TARGETING IRAN WITH NUCLEAR WEAPONS

Building a Pretext for a Pre-emptive Nuclear Attack
“Theater Iran Near Term”
The Military Road Map: “First Iraq, then Iran”
Simulated Scenarios of a Global War: The Vigilant Shield 07 War Games
The Role of Israel
Cheney: “Israel Might Do it Without Being Asked”
US Israel Military Coordination
Tactical Nuclear Weapons directed against Iran
Radioactive Fallout
“The Mother of All Bombs” (MOAB) Slated to be Used Against Iran
Extensive Destruction of Iran’s Infrastructure
State of the Art Weaponry: “War Made Possible Through New Technologies”
Electromagnetic Weapons
Iran’s Military Capabilities: Medium and Long Range Missiles
Iran’s Ground Forces
US Military and Allied Facilities Surrounding Iran

CHAPTER VI: REVERSING THE TIDE OF WAR

Revealing the Lie
The Existing Anti-War Movement
Manufacturing Dissent
Jus ad Bellum: 9/11 and the Invasions of Yugoslavia and Afghanistan
Fake Antiwar Activism: Heralding Iran as a Nuclear Threat
The Road Ahead
The Antiwar Movement within the State Structure and the Military
Abandon the Battlefield: Refuse to Fight
The Broader Peace Process
What has to be Achieved

Order your pdf of this important new book from Global Research here

Introductory offer: $5.00 (plus $1.50 processing fee. Sent directly to your email!)
OR receive this book FREE with your Global Research Annual Membership! Click to learn more.

Disclaimer: The views expressed in this article are the sole responsibility of the author and do not necessarily reflect those of the Centre for Research on Globalization. The contents of this article are of sole responsibility of the author(s). The Centre for Research on Globalization will not be responsible or liable for any inaccurate or incorrect statements contained in this article.

To become a Member of Global Research

The CRG grants permission to cross-post original Global Research articles on community internet sites as long as the text & title are not modified. The source and the author's copyright must be displayed. For publication of Global Research articles in print or other forms including commercial internet sites, contact: crgeditor@yahoo.com

www.globalresearch.ca contains copyrighted material the use of which has not always been specifically authorized by the copyright owner. We are making such material available to our readers under the provisions of "fair use" in an effort to advance a better understanding of political, economic and social issues. The material on this site is distributed without profit to those who have expressed a prior interest in receiving it for research and educational purposes. If you wish to use copyrighted material for purposes other than "fair use" you must request permission from the copyright owner.

URL of this site: http://globalresearch.ca/PrintArticle.php?articleId=25185

Large Area Of Japan To Be Declared Indefinitely Uninhabitable From Fukushima Radiation

2011-08-23T13:16:00.000-07:00

NY Times: Large Area Of Japan To Be Declared Indefinitely Uninhabitable, Perhaps For Decades
----------------------------------------------------------------------------------

In a deceitful article that downplays the extent and severity of the radiation contamination, the NY Times has announced that Japan is expected officially declare a large area of Japan surrounding Fukushima indefinitely uninhabitable, perhaps for decades.

According to the report from the New York Times, the government of Japan is expected to make the official announcement later today which will declare a large area of land within the 12 mile evacuation zone around the Fukushima nuclear power plant uninhabitable for an indefinite period of time.

The announcement comes following the release of a government sponsored survey that found radiation levels up to .5 sieverts (500 millisieverts) per year within the 12 mile evacuation zone.

The NY Times article, however, misleads the reader on several points, including implying that harmful levels of radiation have only been found within the 12 mile evacuation limit and that Japan has set a safety limit of 20 millisieverts per year of radiation exposure.

The NY Times articles ignores several reports of high levels of radiation far beyond the evacuation zone such as radiation levels above the Chernobyl evacuation limit found 120 miles away in Tokyo.

Instead, the article misleads the reader into believing the radiation threat is contained within the evacuation zone which is the official position of the Government of Japan.

Even China recently blasted the Japan in a report that revealed high levels of radiation have been found in 100,000 square miles of the Pacific Ocean up to distances 800 kilometers from the Fukushima nuclear plant, which is far beyond the limits of contamination officially reported by Japan.

The NY Times article also misleads the reader into believing that Japan has set a safety limit of 20 millisieverts per year of radiation exposure.

Truth be told, Japan officials have repeatedly stressed a safety limit of 100 millisieverts per year of radiation exposure, even for children and pregnant women.

For example, this video shows radiation levels at 50 microsieverts per hour in near Fukushima Daiyon Elementary School where children are still attending which is 60 Kilometers away from the Fukushima nuclear plant.

That converts to an annual radiation dose of 0.438 sieverts (438 millisieverts) per year 37 miles from the Fukushima nuclear plant. This is only one of several examples of radiation being detected at extremely high levels. There are also many examples with levels of radiation being detected much higher than this.

The NY Times does however highlight the fact that up until now the government of Japan shied away from statements about the area around the reactor being permanently uninhabitable and the expected announcement is a reversal of that position.

The New York Times reports:

Large Zone Near Japanese Reactors to Be Off Limits

TOKYO — Broad areas around the stricken Fukushima Daiichi nuclear plant could soon be declared uninhabitable, perhaps for decades, after a government survey found radioactive contamination that far exceeded safe levels, several major media outlets said Monday.

The formal announcement, expected from the government in coming days, would be the first official recognition that the March accident could force the long-term depopulation of communities near the plant, an eventuality that scientists and some officials have been warning about for months. Lawmakers said over the weekend — and major newspapers reported Monday — that Prime Minister Naoto Kan was planning to visit Fukushima Prefecture, where the plant is, as early as Saturday to break the news directly to residents. The affected communities are all within 12 miles of the plant, an area that was evacuated immediately after the accident.

The government is expected to tell many of these residents that they will not be permitted to return to their homes for an indefinite period. It will also begin drawing up plans for compensating them by, among other things, renting their now uninhabitable land. While it is unclear if the government would specify how long these living restrictions would remain in place, news reports indicated it could be decades. That has been the case for areas around the Chernobyl plant in Ukraine after its 1986 accident.

[...]

The government was apparently forced to alter its plans after the survey by the Ministry of Science and Education, released over the weekend, which showed even higher than expected radiation levels within the 12-mile evacuation zone around the plant. The most heavily contaminated spot was in the town of Okuma about two miles southwest of the plant, where someone living for a year would be exposed to 508.1 millisieverts of radiation — far above the level of 20 millesieverts per year that the government considers safe.

The survey found radiation above the safe level at three dozen spots up to 12 miles from the plant. That has called into question how many residents will actually be able to return to their homes even after the plant is stabilized.

[...]

Source: NY Times

Perhaps more disgusting is the Japanese media makes no mention of the plans to be indefinite, which could last for decades.

NHK implies they just not be lifted for the time being and the government “has decided to keep off-limits the areas where it is not safe for people to return home for a long time”.

Evacuation orders to remain in effect

The government has decided to have Prime Minister Naoto Kan explain to municipalities near the Fukushima Daiichi plant that exclusion orders in some areas will remain in effect due to high levels of radiation.

The government had planned to consider lifting exclusion orders within 20 kilometers from the plant after cold shutdown of the reactors has been achieved.

However, it has decided to keep off-limits the areas where it is not safe for people to return home for a long time.

Areas subject to the measure are those quite close to the plant and where radiation levels remain very high.

The government will arrange for Kan to explain to affected municipalities that exclusion orders will likely remain in effect for a long time and about how the government will support the former residents.

The government’s nuclear accident task force indicated on August 9 that some areas are likely to be too contaminated for people to return home for a long time.

It plans to work with local municipalities to decide on long-term measures and plans for reconstruction.

Source: NHK

Lethal Levels of Radiation At Fukushima Infer Millions Dying

2011-08-19T12:42:00.000-07:00

Experts: Lethal Levels of “Off-Scale” Radiation At Fukushima Infer Millions Dying

-------------------------------------------------------------------------------

URL: http://blog.alexanderhiggins.com/2011/08/08/experts-lethal-levels-offscale-radiation-fukushima-infer-millions-dying-51761/

-------------------------------------------------------------------------------

Experts warn off-scale levels of radiation, which are at their highest levels since the disaster began almost 5 months ago, infers hundreds millions dying from the nuclear fallout.

Deborah Dupre, Human Rights Examiner
August 5, 2011

Fukushima nuclear power plant radiation recordings of external gamma radiation have been so high this week, they went off scale said veteran nuclear expert Arnie Gunderson on Thursday after the famous physicist, Dr. Chris Busby told the Japanese people this week that radioactive air contamination there now is 300 times that of Chernobyl and 1000 times the atomic bomb peak in 1963, possibly inferring that hundreds of millions of people are now dying from Fukushima radiation, including people in the United States.

If noticing unusual amounts of hair falling out, confusion, nose bleeds or other odd symptoms typical of radiation sickness, it might be due to the United States record high levels of radiation, now multiple times acceptable safety limits not only on the west coast, but also in other locations around the nation.

Because Fukushima radiation data retrieval and interpretation has been so complex or non-existent for the concerned public, citizen reporters in Japan and United States have now established easily accessible ways to view radiation levels on the internet.

Fukushima radiation depopulation unfathomable: Possibly 100s of millions deaths

Dr Janette Sherman, a highly respected physician and acknowledged expert in radiation exposure who has reported a north-east United States 35% baby death spike since Fukushima fall-out reached the nation, concurs with estimates that world wide, the Chernobyl Kill is one million people killed to date reported NOVA News. Extrapolating, worldwide deaths by Fukushima radiation could eventually be hundreds of millions of people, becoming the most significant depopulation event to date.

Watch: Top U.S doctor says millions will die

http://www.youtube.com/watch?v=oFGX6Tnj-xM NUCLEAR POWER PLANTS ARE BAD!

“Soon after the Fukushima accident last month, I stated publicly that a nuclear event of this size and catastrophic potential could present a medical problem of very large dimensions. Events have proven this observation to be true despite the nuclear industry’s campaign about the “minimal” health effects of so-called low-level radiation.” –Dr. Helen Caldicott http://wn.com/ReportajeMontreal
______________________________________
*Disclaimer-ReportajeMontreal provides no endorsement of the amy2x Channel or the use of any of it’s work on the amy2x Channel.

The amy2x Channel provides no endorsement of this Film or ReportajeMontreal.The amy2x channel is not responsible for the content or accuracy of this film. This Film is provided for your viewing enjoyment.
______________________________________
The Light of the World,Movie(Full Length Movie)
http://www.youtube.com/watch?v=HWO_peGaGvg

Dr. Chris Busby, world famous physicist, said tests conducted at the respected Harwell Radiation Laboratory in England demonstrate that airborne radiation in Japan is 1,000 times higher than radioactive “fallout” at the peak in 1963 of H-Bomb detonations by nuclear powers. In March, Busby had estimated that Fukushima radiation to be 72,000 times greater than what the United States released at Hiroshima.

“Let’s wipe the Tokyo Electric Power Company and the General Electric officials and policy makers off the face of the Earth, as they manifestly deserve,” asserted Dr. Busby when addressing the Japanese this week.

Watch: Lethal Levels of Radiation at Fukushima: What Are the Implications?

TEPCO has discovered locations on the Fukushima plant site with lethal levels of external gamma radiation. Fairewinds takes a close look at how this radiation might have been deposited and how similar radioactive material would have been released offsite.

Thirty-nine year nuclear industry veteran Arnie Gunderson of Fairwinds stated Tuesday,”There will continue to be enormous spikes for at least ten years.”

Dr. Busby advocates not only independent studies of the nuclear catastrophe. He received a resounding applause when he told the Japanese people this week that in his opinion, scientists who said this accident was not a problem must be prosecuted.

“Many nuclear scientists said it was not a problem when the knew it was a serious accident. People who listened to those scientists and did not run away when they should have. Because of that, people will die.”

Busby explained that the World Health Organization is tied to the Nuclear Industry so their research is bogus. In studying Fukushima, the World Health Organization expects to find no effects “and so that’s what they’ll find,” he said.

According to Dr. Helen Caldicott, WHO’s subjugation to the nuclear industry has been widely known since May 28, 1959, when at the 12th World Health Assembly, WHO drafted an agreement with the International Atomic Energy Agency (IAEA) granting the right of prior approval over any research it might undertake or report on to the IAEA, the group many people, including some journalists, think is a neutral watchdog but is, “in fact, an advocate for the nuclear power industry.”

”The agency shall seek to accelerate and enlarge the contribution of atomic energy to peace, health and prosperity through the world,” the founding papers state, as reported in The Age.

Latest nuclear ‘peace, health and prosperity’ spike

TEPCO discovered a hot spot location on the Fukushima nuclear power plant site a few days ago with lethal levels of external gamma radiation.

How the latest radiation spike at Fukushima might have been deposited and also how similar radioactive material would have been released off-site was presented this week by Gunderson, with over 25-years of experience in nuclear decommissioning oversight, co-authored the first edition of the Department Of Energy (DOE) Decommissioning Handbook. (See embedded Vimeo, “Lethal Levels of Radiation at Fukushima: What Are the Implications?“, Arnie Gunderson, Fairwinds)

Gunderson noted that over 1000 REMs were released according to TEPCO earlier this week, an amount that, “if there, would mean death within a couple of days.”

“Those kinds of exposures cause extensive neurological breakdowns that can’t be reversed medically,” Gunderson reported.

Fukushima nuclear power plant radiation recordings of external gamma radiation have been so high this week, they went off scale said veteran nuclear expert Arnie Gunderson on Thursday after the famous physicist, Dr. Chris Busby told the Japanese people this week that radioactive air contamination there now is 300 times that of Chernobyl and 1000 times the atomic bomb peak in 1963, possibly inferring that hundreds of millions of people are now dying from Fukushima radiation, including people in the United States.

If noticing unusual amounts of hair falling out, confusion, nose bleeds or other odd symptoms typical of radiation sickness, it might be due to the United States record high levels of radiation, now multiple times acceptable safety limits not only on the west coast, but also in other locations around the nation.

Because Fukushima radiation data retrieval and interpretation has been so complex or non-existent for the concerned public, citizen reporters in Japan and United States have now established easily accessible ways to view radiation levels on the internet.

Fukushima radiation depopulation unfathomable: Possibly 100s of millions deaths

Dr Janette Sherman, a highly respected physician and acknowledged expert in radiation exposure who has reported a north-east United States 35% baby death spike since Fukushima fall-out reached the nation, concurs with estimates that world wide, the Chernobyl Kill is one million people killed to date reported NOVA News. Extrapolating, worldwide deaths by Fukushima radiation could eventually be hundreds of millions of people, becoming the most significant depopulation event to date.

Dr. Chris Busby, world famous physicist, said tests conducted at the respected Harwell Radiation Laboratory in England demonstrate that airborne radiation in Japan is 1,000 times higher than radioactive “fallout” at the peak in 1963 of H-Bomb detonations by nuclear powers. In March, Busby had estimated that Fukushima radiation to be 72,000 times greater than what the United States released at Hiroshima.

“Let’s wipe the Tokyo Electric Power Company and the General Electric officials and policy makers off the face of the Earth, as they manifestly deserve,” asserted Dr. Busby when addressing the Japanese this week.

Thirty-nine year nuclear industry veteran Arnie Gunderson of Fairwinds stated Tuesday,”There will continue to be enormous spikes for at least ten years.”

Dr. Busby advocates not only independent studies of the nuclear catastrophe. He received a resounding applause when he told the Japanese people this week that in his opinion, scientists who said this accident was not a problem must be prosecuted.

“Many nuclear scientists said it was not a problem when the knew it was a serious accident. People who listened to those scientists and did not run away when they should have. Because of that, people will die.”

Busby explained that the World Health Organization is tied to the Nuclear Industry so their research is bogus. In studying Fukushima, the World Health Organization expects to find no effects “and so that’s what they’ll find,” he said.

According to Dr. Helen Caldicott, WHO’s subjugation to the nuclear industry has been widely known since May 28, 1959, when at the 12th World Health Assembly, WHO drafted an agreement with the International Atomic Energy Agency (IAEA) granting the right of prior approval over any research it might undertake or report on to the IAEA, the group many people, including some journalists, think is a neutral watchdog but is, “in fact, an advocate for the nuclear power industry.”

”The agency shall seek to accelerate and enlarge the contribution of atomic energy to peace, health and prosperity through the world,” the founding papers state, as reported in The Age.

Latest nuclear ‘peace, health and prosperity’ spike

TEPCO discovered a hot spot location on the Fukushima nuclear power plant site a few days ago with lethal levels of external gamma radiation.

How the latest radiation spike at Fukushima might have been deposited and also how similar radioactive material would have been released off-site was presented this week by Gunderson, with over 25-years of experience in nuclear decommissioning oversight, co-authored the first edition of the Department Of Energy (DOE) Decommissioning Handbook. (See embedded Vimeo, “Lethal Levels of Radiation at Fukushima: What Are the Implications?“, Arnie Gunderson, Fairwinds)

Gunderson noted that over 1000 REMs were released according to TEPCO earlier this week, an amount that, “if there, would mean death within a couple of days.”

“Those kinds of exposures cause extensive neurological breakdowns that can’t be reversed medically,” Gunderson reported.

2012 Likely to Reach Record High Global Temperature, according to NASA

2011-08-10T13:30:00.000-07:00

2012 Likely to Reach Record High Global Temperature, according to NASA
--------------------------------------------------------------------------------

URL: http://www.accuweather.com/blogs/climatechange/effects-of-global-warming/38255/2012-likely-to-reach-record-hi-1.asp
----------------------------------------------------------------------------------

2012 Likely to Reach Record High Global Temperature, according to NASAOct 4, 2010; 8:52 AM ET
NASA's Goddard Institute for Space Studies (GISS) just posted a recap of the summer of 2010. Along with that, they also made some predictions about the global temperatures for 2011 and 2012.

As many of you already know, the summer of 2010 was the 4th warmest on record, according to GISS records, which date back to 1880. The summer of 2009 was the second warmest.

According to GISS, the reason 2010 was a bit cooler than 2009 was the recent transition to a moderate La Nina.

GISS also points out that Antarctica was unusually cold for the winter months of 2010, while the winter of 2009 was relatively mild. Antarctic temperature anomalies fluctuate chaotically from year to year, so this is not unusual according to GISS.

Other key statements from the NASA GISS press release..........

...the temperature anomaly in one place in one season has limited relevance to global trends. Unfortunately it is common for the public to take the most recent local seasonal temperature anomaly as indicative of long-term climate trends.

This does not mean that local anomalies are unrelated to global trends, but it is necessary to look at statistics.

8 of the last 10 summers were warmer than the 1951-1980 mean in the United States and Japan, and 10 of 10 in Europe. So if you are perceptive and old enough, you should be able to notice a trend toward warmer seasons.

-----

The above map provides an indication of the likely effect of the current cooling trend on the rank of the 2010 calendar year temperature anomaly. The maps compare January-August temperature anomalies for 2010, 2005 (the warmest year in the GISS analysis), and 1998 (one of the warmest years in the GISS analysis, the temperature being boosted by the "El Nino of the century"). 2010 is clearly the warmest of these years for the first eight months. However,the above map shows that the monthly anomalies in 2010 have declined steadily over the past five months as the Pacific Ocean moved into the La Niña phase. The last four months of 2005 (green line) were unusually warm, so it is not possible to say yet whether 2005 or 2010 will be the warmest calendar year in the GISS analysis. It is likely that the 2005 and 2010 calendar year means will turn out to be sufficiently close that it will be difficult to say which year was warmer.

---------

Projections of trends over the next few years are possible based on the following considerations: (1) the planet is out of energy balance by at least several tenths of one W/m2 due to the rapid increase of greenhouse gases during the past few decades, as confirmed by measurements of changing ocean heat content, (2) inertia of energy systems that assures continuing growth of atmospheric CO2 by about 2 ppm per year for the next few years, (3) expectation that the solar irradiance will climb out of the recent long-lasting solar minimum, as shown in Figure 5, (4) model projections suggesting that the current La Niña may bottom out near the end of 2010. Given the dominant effect of El Niño-La Niña on short-term temperature change and the usual lag of a few months between the Nino index and its effect on global temperature, it is unlikely that 2011 will reach a new global record temperature.

In contrast, it is likely that 2012 will reach a record high global temperature.

Given the association of extreme weather and climate events with rising global temperature, the expectation of new record high temperatures in 2012 also suggests that the frequency and magnitude of extreme events could reach a high level in 2012.

SAVING THE PLANET

2011-08-10T12:45:00.000-07:00

Saving the Planet

--------------------------------------------------------------------------------

URL: http://pulsar774.tripod.com

--------------------------------------------------------------------------------

by Steven Craig Jones

--------------------------------------------------------------------------------

****Introduction

1. Chapter 1: World in Turmoil

2. Chapter 2: Weapons and Warfare

3. Chapter 3: Global Climate Change

4. Chapter 4: The Global Water Crisis

5. Chapter 5: The World Population Explosion

6. Chapter 6: Deforestation/Desertification

7. Chapter 7: Solar, Wind and Anti-Gravity

8. Chapter 8: Diet For a New World

9. Chapter 9: Global Information Revolution

10. Chapter 10: International Sustainable Development

11. Chapter 11: The Green World Order

12. Chapter 12: Saving the Planet

****Afterword

****References/Bibliography

****About the Author

Confronting the Threat of Global Climate Change: Alex Jones and Co/Rockefeller-Soros

2011-08-09T13:59:00.001-07:00

Alex Jones and Co/Rockefeller-Soros:
-------------------------------------------------

Global warming is the # 1 international security threat to mankind in the 21st century.
BOTH the globalist and anti-globalist camps have a golden opportunity to come together
and help solve this problem for the whole of humanity.

Alex Jones and Co; you need to recognize this issue for the supreme environmental threat that it is. Rockefeller/Soros-
you need to stop making this a human control issue by constructing a carbon enslavement
mechanism of global police state control. BOTH of you need to compromise and start to work together
for a change. Both camps must learn to use your talents, genius and moral authority to
construct a global green society for the benefit of all, with freedom and human dignity intact.
(Let us preserve the US 1st, 2nd and 4th amendments for the whole of humanity)

This is NOT a fight between the values of 1776 and 1984, this is call for human EVOLUTION
in the spirit of 2001 (remember the movie?). So, here is the grand opportunity to come together in the spirit of compromise and the chance for all
to EVOLVE to a higher dimension in the interests of helping transit the human species through
the rapid white waters we are now passing through.

World Government is inevitable and the natural progression of the human enterprise. Let us make it work for
all humanity with basic freedoms and respect for human rights intact, and the value and dignity of life its top priority.

Regards,
Steve Jones
aka- Jonas the Prophet
Colorado Rockies
USA

http://pulsar774.tripod.com
http://jonastheprophet.tk

----------------------------------------------------------------------------------------

Rothschild JEWS Own the USA

2011-08-08T16:24:00.000-07:00

"The Israeli Lobby owns the Congress, media, Hollywood, Wall Street, both political parties, and the White House. This kind of talk will get people fired by this lobby, as we have seen recently with White House correspondent Helen Thomas and CNN anchor Rick Sanchez. However, many Americans are growing tired of the arrogance of the Israel Lobby and their bigoted attitudes toward anyone who challenges their influence-peddling and their ridiculous insistence that Israel must be supported because of some ancient fairy tales involving some tribes who wandered the deserts of the Middle East and saw and heard non-existent things because of sun stroke, drinking bad water, and smoking local hallucinogenic plants."
- Wayne Madsen

------------------------------------------------------------------------------

SEE URL:

http://intljewry7.20m.com

The US Federal Government Declares War on the Nation

2011-08-08T16:19:00.000-07:00

The US Federal Government Declares War on the Nation
----------------------------------------------------------------
URL: http://www.infowars.com/the-federal-government-declares-war-on-the-nation

----------------------------------------------------------------------------

- Infowars - http://www.infowars.com -

The Federal Government Declares War on the Nation

Sartre
Infowars.com
August 8, 2011

How strangely will the Tools of a Tyrant pervert the plain Meaning of Words!
–Samuel Adams

A twenty-first century rewrite of the Seven Days in May screenplay is certainly in order, this time with a different ending.

The recent debt limit congressional circus must be a new Twilight Zone episode written by a computerized program straight out of central casting. Rod Serling must be turning in his grave. A twenty-first century rewrite of his exceptional Seven Days in May screenplay is certainly in order, this time with a different ending. If there are any confused or co-opted worshipers of the federal government left, what more proof do you need that the bipartisan political criminal class is determined to destroy this nation? Not convinced that this assessment is correct; then you need remediable instruction in arithmetic. Increasing the spending with more borrowed money cannot reduce the debt.

The world financial markets are voting with their money, that the U.S of A. will no longer be the leader of free market enterprise. The flow of hot money into Treasury Bonds is tantamount to feeding the alligator with the hope that eating forged paper will forgo its appetite for flesh. This is the same strategy used to shackle market makers and docile societies into accepting, that the world financial system must be saved from their own greed and pillage, so that the dependent vassals can continue to pay their tribute.

The beltway bottom feeders know just how to scare their pudden-head constituents. With the complicity of the corporate controlled media, the task of getting away with murder has been elevated to a supreme political art form. ‘Pols’ can fool some of the public with all the false causes and bogus reasons for the dysfunctional federal government, but can they escape the distrust in their deal making skills, that never resolve any substantive issues? Even the current New York Times and CBS poll, cannot hide the disgust with an 82% disapproval sentiment.

This level of discontent is expected by anyone who understands the decade’s long destruction of the fundamental nature of the “federalism” form of the separation of powers principle. Many observers recognize the gross offense of adopting a gang of 12 approach for shepherding their flock in Congress to accept the dictums in the Amerika version of the Soviet Politburo.

Cited in The New American, the good Napolitano, Judge Andrew weights in correctly.

“Napolitano raised another — and unassailable — objection to the legislation. Napolitano noted: “This is this Congress binding itself and all future Congresses to a simple up-or-down vote.” In that sense, the new “Super Congress” joint committee is truly revolutionary, and unquestionably unconstitutional. Under the Constitution, no Congress can bind a subsequent Congress with rules of procedure, which is why one of the first acts of every new Congress after an election is for the House and Senate to separately approve new rules.”

Our friends over at Prison Planet quote the indomitable Larry Pratt.

“This is a game changer, they’ve decided that we don’t need the House of Representatives to originate revenue bills, we’ll just have the ‘super 12′ do that,” said Pratt, adding that Barack Obama would become the de facto deciding 13th member.

Legislation decided on by the Super Congress would be immune from amendment and lawmakers would only be able to register an up or down vote, eliminating the ability to filibuster.”

This attempt to relegate the House and Senate to water boy status is clear proof that the first causality of the federal dictatorship is to eat their own noncompliant elements in the legislature. When a NeoCon disinformation and newspeak publication like The Weekly Standard jumps on the bandwagon, you better grab your ankles. “Three Republican Senate sources tell TWS that senators who vote against the deal will be ineligible to serve on the so-called “supercommittee” for deficit reduction that the legislation creates.”

Purity of ideological devotion to the globalist integration of the former Republic is the true test of a collectivist commissar. Two world wars later and several police action conflicts removed, the extension of the garrison empire continues to expand. Name any definitive benefit that the populace gained from all the squander of treasure and the shedding of blood. All the time the bulwark of constitutional limited government is systematically dismantled.

The unfettered growth of government is the only reality that matters to the federal fascists. An economy that relies upon government spending for continuation is a zombie zone of the walking dead. The alternate media presents unending examples of this death march onto reservation of predatory prisons. An isolated cell awaits – with a number in place of your name. The silence of most occupants in the land of the timid breeds the sterile culture of fearful chickens. What more evidence does any citizen need that the federal government is organized and posed to repeat the same atrocities’ that totalitarian regimes committed in the last century?

What makes it much more acute is that a net of surveillance and a draconian database covers the entire globe. The satellite spy in the sky era extends to every aspect of communication, financial transactions and personal activity. The land of the free is now the camp of the interned.

How paradoxical, when you hear the regurgitation from progressive government lovers, that the federal and state agencies provide solutions, when the real irony is that these numb nuts are clueless what true populism represents, much less how to achieve a humane society.

Folks, the enemy have just declared itself as the Washington establishment and you are in the sniper sights of their full spectrum dominance scope. Research to your hearts content all the dire consequences of the despotic cabal that masquerades as your elected representatives. Notwithstanding, the pace of your own personal awakening; without direct and focused action, your fate is sealed.

An entire nation is not helpless resisting tyranny if citizens rebel. Only if you prefer denial to self-respect will the forces of treason prevail. Many Americans are not committed to liberty, and most fear personal responsibility of their own individual obligations. The hoi polloi never change history; they just accept the outcome. Isn’t this a prime reason why the Federal government continues to go on its merry way? The entire apparatus of the illegitimate bureaucracies steers the suppression of the will of the people.

The Obama nightmare is just one more leg in a complex plan to destroy the aims and purpose for fighting the American Revolution. The excessive conduct of federal loyalists loves their abuses of the public trust. When DC continually spends the people’s money and never has to pay back the unlimited loans, the lifestyle of the rich and famous, becomes part of government pensions and perks. There is no gambling risk or prospect of a loss as long as the taxpayer and future generations are providing the stakes.

There has never been a true civil war in this country. The War of Northern Aggression was waged precisely to prevent the Southern States from secession. The prospects of an enlightened and dedicated population taking up arms and defeating the military-industrial-security-complex require a miracle . . . turning water into wine. The creatures that dwell in this country are cloned cowards afraid of their own shadow. Forget about armed confrontation. Any attempt using violence plays into the hands of the Gestapo state.

However, developing a civilization of respectable civil disobedience is entirely in keeping with the best tradition of Western culture and Judeo-Christian teachings. Doubters can examine the recent book by Chuck and Timothy Baldwin, ROMANS 13: THE TRUE MEANING OF SUBMISSION for validation.

The federal government’s war against the Inherent Autonomy of the individual is the greatest danger to your own sustained existence and the survival of the nation. There is no way to reform a totally corrupt and crooked system of criminals. Families are being added to the extinct species list every day by a government that codifies same sex marriage and encourages abortions. Stating this factual axiom of civilized behavior is an unforgivable taboo to the Statists, who want the power over life and death and the eventual eradication of the family structure.

The core natural right and principle of individual self-defense is sacrosanct. Resistance to a despotic presidency and a crippled congress is a moral imperative. Defending, fighting and dying for the State, especially when that government is targeting you for annihilation, is absurd. The obvious elimination of witnesses to the diversion bin Laden raid illustrates just how ruthless the rogue government acts, even to their own special troops.

“A military helicopter was shot down in eastern Afghanistan, killing 31 U.S. special operation troops, most of them from the elite Navy SEALs unit that killed al-Qaida leader Osama bin Laden.”

The unceasing slurs against the Tea Party movement by a scared system through the misdirection media and their globalist masters is a sure sign that citizen participation in the political process is an act of resistance against the evil empire. The warfare state has mobilized against the American rebels. As the financial temple collapses and prices escalate, the pressure for “PC” compliance spreads like wildfire. Singling out selected dissenters for retribution requires the rest of the country joining in an uproar of protest.

Your life is at stake, ban together for dynamic resistance and confrontation. There is no other alternative. The Federal Government has started another undeclared war, but this time their homeland security proceeds to eradicate all real patriotic citizens and champions of liberty. This Twilight Zone episode needs a conclusion where the mythical Jordan Lyman ( no matter what name he uses ) is removed and all ensuing presidential treason is justly punished.

The World's Greatest Depression/Alex Jones- Gerald Celente, Aug 3rd, 2011

2011-08-04T13:40:00.000-07:00

URL:

http://www.youtube.com/watch?v=_MoorNBr1Oc&feature=player_embedded

The Non-GMO Project/The Non-GMO Shopping Guide

2011-08-04T13:06:00.000-07:00

URLS:

http://www.nongmoproject.org
http://www.nongmoshoppingguide.com