S. 2105 (112th): Cybersecurity Act of 2012

Feb 14, 2012 (112th Congress, 2011–2013)
Died (Reported by Committee)
Joseph Lieberman
Senator from Connecticut
Read Text »
Last Updated
Feb 15, 2012
206 pages
Related Bills
S. 3414 (Related)

Failed Cloture
Last Action: Nov 14, 2012

S. 2151 (Related)

Referred to Committee
Last Action: Mar 01, 2012


This bill was introduced on February 15, 2012, in a previous session of Congress, but was not enacted.

Introduced Feb 14, 2012
Reported by Committee Feb 15, 2012
Full Title

A bill to enhance the security and resiliency of the cyber and communications infrastructure of the United States.


No summaries available.

4 cosponsors (3D, 1R) (show)

Senate Homeland Security and Governmental Affairs

The committee chair determines whether a bill will move past the committee stage.

Primary Source

THOMAS.gov (The Library of Congress)

GovTrack gets most information from THOMAS, which is updated generally one day after events occur. Activity since the last update may not be reflected here. Data comes via the congress project.


Get a bill status widget for your website »


Click a format for a citation suggestion:


S. stands for Senate bill.

A bill must be passed by both the House and Senate in identical form and then be signed by the president to become law.

The bill’s title was written by its sponsor.

GovTrack’s Bill Summary

We don’t have a summary available yet.

Library of Congress Summary

The summary below was written by the Congressional Research Service, which is a nonpartisan division of the Library of Congress.

Cybersecurity Act of 2012 - Directs the Secretary of Homeland Security (DHS), in consultation with owners and operators of critical infrastructure, the Critical Infrastructure Partnership Advisory Council, and other federal agencies and private sector entities, to:
(1) to conduct a top-level assessment of cybersecurity risks to determine which sectors face the greatest immediate risk, and beginning with the sectors identified as having the highest priority, conduct, on a sector-by-sector basis, cyber risk assessments of the critical infrastructure;
(2) establish a procedure for the designation of critical infrastructure;
(3) identify or develop risk-based cybersecurity performance requirements; and
(4) implement cyber response and restoration plans.
Sets forth requirements for securing critical infrastructure, including notification of cyber risks and threats and reporting of significant cyber incidents affecting critical infrastructure.
Defines "critical infrastructure" as systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, or national public health or safety.
Amends the Federal Information Security Management Act of 2002 (FISMA) to revise information security requirements for federal agencies and provide for continuous monitoring of, and streamlined reporting of, cybersecurity risks.
Amends the Homeland Security Act of 2002 to consolidate existing DHS resources for cybersecurity within a National Center for Cybersecurity and Communications. Sets forth the duties of the Center, including managing efforts to secure, protect, and ensure the resiliency of the federal information infrastructure, supporting private sector efforts to protect such infrastructure, prioritizing efforts to address the most significant risks to the information infrastructure, and ensuring privacy protections.
(1) the DHS Secretary to implement outreach and awareness programs on cybersecurity;
(2) the DHS Secretary and the Secretary of Commerce to establish a program to identify, develop, and recruit talented individuals to work in cybersecurity;
(3) the Director of the National Science Foundation (NSF) to establish a program to stimulate innovation in basic cybersecurity research and development and to recruit and train cybersecurity professionals; and
(4) the Director of the Office of Personnel Management (OPM) to assess the readiness and capacity of the federal workforce to meet cybersecurity needs and to establish a cybersecurity awareness and education curriculum for all federal employees and contractors.
Requires the Secretary of Education to develop model curriculum standards to address cybersecurity issues for elementary school students and for students in institutions of higher education and career and technical institutions.
Requires federal agencies to adopt OPM best practices for motivating employees to demonstrate leadership in cybersecurity.
Requires the Director of the Office of Science and Technology Policy to develop a national cybersecurity research and development plan to advance the development of new technologies to protect against evolving cyberthreats.
Requires the DHS Secretary to coordinate with private sector and academic experts, the Secretaries of Defense (DOD), Commerce, and State, the Director of National Intelligence (DNI), and other federal agencies to develop and periodically update an acquisition risk management strategy to ensure the security of the federal information infrastructure.
Authorizes private entities to disclose or receive lawfully obtained cybersecurity threat information to protect an information system. Establishes a process to designate cybersecurity exchanges for distributing, receiving, and exchanging cybersecurity threat information. Allows a non-federal entity to disclose lawfully obtained cybersecurity threat information to an exchange. Provides legal protections for entities engaged in cybersecurity monitoring activities, including a good faith defense.
Directs the DHS Secretary and the Secretary of Defense (DOD) to report to Congress annually on major cyber incidents involving networks of executive agencies and military departments. Requires the Attorney General and the Director of the Federal Bureau of Investigation (FBI) to report on investigations and prosecutions of cybercrimes. Requires the Attorney General to report on the ability of federal courts to grant timely relief in matters relating to cybercrime.
Requires the DHS Secretary to report on: (1) available technical options to enhance the security of critical infrastructure, (2) legal or other impediments to public awareness of cybersecurity threats, and (3) the national security implications of a disruption of the U.S. electric grid caused by a cyber attack.
Expresses the sense of Congress with respect to engaging in international cooperation to advance U.S. cyberspace objectives and combat cybercrime.
Authorizes the Secretary of State to designate a senior State Department official to coordinate diplomatic efforts on the full range of international cyber issues.
Requires the Secretary to assess and report on significant global issues, trends, and actors with respect to cybercrime and to give priority in foreign assistance to programs designed to combat cybercrime.

House Republican Conference Summary

The summary below was written by the House Republican Conference, which is the caucus of Republicans in the House of Representatives.

No summary available.

House Democratic Caucus Summary

The House Democratic Caucus does not provide summaries of bills.

So, yes, we display the House Republican Conference’s summaries when available even if we do not have a Democratic summary available. That’s because we feel it is better to give you as much information as possible, even if we cannot provide every viewpoint.

We’ll be looking for a source of summaries from the other side in the meanwhile.

Use the comment space below for discussion of the merits of S. 2105 (112th) with other GovTrack users.
Your comments are not read by Congressional staff.

comments powered by Disqus