Collapse to view only § 2349cc. Findings
- § 2349cc. Findings
- § 2349cc-1. Authorization of assistance and funding for cyberspace, digital connectivity, and related technologies (CDT) capacity building activities
- § 2349cc-2. Review of emergency assistance capacity
- § 2349cc-3. Authorization of appropriations
§ 2349cc. FindingsCongress makes the following findings:
(1) Increasingly digitized and interconnected social, political, and economic systems have introduced new vulnerabilities for malicious actors to exploit, which threatens economic and national security.
(2) The rapid development, deployment, and integration of information and communication technologies into all aspects of modern life bring mounting risks of accidents and malicious activity involving such technologies, and their potential consequences.
(3) Because information and communication technologies are globally manufactured, traded, and networked, the economic and national security of the United State 1
1 So in original. Probably should be “States”.
depends greatly on cybersecurity practices of other actors, including other countries.(4) United States assistance to countries and international organizations to bolster civilian capacity to address national cybersecurity and deterrence in cyberspace can help—
(A) reduce vulnerability in the information and communication technologies ecosystem; and
(B) advance national and economic security objectives.
(Pub. L. 87–195, pt. II, § 591, as added Pub. L. 118–31, div. F, title LXIII, § 6307, Dec. 22, 2023, 137 Stat. 990.)
§ 2349cc–1. Authorization of assistance and funding for cyberspace, digital connectivity, and related technologies (CDT) capacity building activities
(a) AuthorizationThe Secretary of State is authorized to provide assistance to foreign governments and organizations, including national, regional, and international institutions, on such terms and conditions as the Secretary may determine, in order to—
(1) advance a secure and stable cyberspace;
(2) protect and expand trusted digital ecosystems and connectivity;
(3) build the cybersecurity capacity of partner countries and organizations; and
(4) ensure that the development of standards and the deployment and use of technology supports and reinforces human rights and democratic values, including through the Digital Connectivity and Cybersecurity Partnership.
(b) Scope of usesAssistance under this section may include programs to—
(1) advance the adoption and deployment of secure and trustworthy information and communications technology (ICT) infrastructure and services, including efforts to grow global markets for secure ICT goods and services and promote a more diverse and resilient ICT supply chain;
(2) provide technical and capacity building assistance to—
(A) promote policy and regulatory frameworks that create an enabling environment for digital connectivity and a vibrant digital economy;
(B) ensure technologies, including related new and emerging technologies, are developed, deployed, and used in ways that support and reinforce democratic values and human rights;
(C) promote innovation and competition; and
(D) support digital governance with the development of rights-respecting international norms and standards;
(3) help countries prepare for, defend against, and respond to malicious cyber activities, including through—
(A) the adoption of cybersecurity best practices;
(B) the development of national strategies to enhance cybersecurity;
(C) the deployment of cybersecurity tools and services to increase the security, strength, and resilience of networks and infrastructure;
(D) support for the development of cybersecurity watch, warning, response, and recovery capabilities, including through the development of cybersecurity incident response teams;
(E) support for collaboration with the Cybersecurity and Infrastructure Security Agency (CISA) and other relevant Federal agencies to enhance cybersecurity;
(F) programs to strengthen allied and partner governments’ capacity to detect, investigate, deter, and prosecute cybercrimes;
(G) programs to provide information and resources to diplomats engaging in discussions and negotiations around international law and capacity building measures related to cybersecurity;
(H) capacity building for cybersecurity partners, including law enforcement and military entities as described in subsection (f);
(I) programs that enhance the ability of relevant stakeholders to act collectively against shared cybersecurity threats;
(J) the advancement of programs in support of the Framework of Responsible State Behavior in Cyberspace; and
(K) the fortification of deterrence instruments in cyberspace; and
(4) such 1
1 So in original.
other purpose and functions as the Secretary of State may designate.(c) Responsibility for policy decisions and justificationThe Secretary of State shall be responsible for policy decisions regarding programs under this part, with respect to—
(1) whether there will be cybersecurity and digital capacity building programs for a foreign country or entity operating in that country;
(2) the amount of funds for each foreign country or entity; and
(3) the scope and nature of such uses of funding.
(d) Detailed justification for uses and purposes of fundsThe Secretary of State shall provide, on an annual basis, a detailed justification for the uses and purposes of the amounts provided under this part, including information concerning—
(1) the amounts and kinds of grants;
(2) the amounts and kinds of budgetary support provided, if any; and
(3) the amounts and kinds of project assistance provided for what purpose and with such amounts.
(e) Assistance and funding under other authorities
(f) Availability of funds
(g) Notification requirements
(Pub. L. 87–195, pt. II, § 592, as added Pub. L. 118–31, div. F, title LXIII, § 6307, Dec. 22, 2023, 137 Stat. 990.)
§ 2349cc–2. Review of emergency assistance capacity
(a) In general
The Secretary of State, in consultation as appropriate with other relevant Federal departments and agencies is authorized to conduct a review that—
(1) analyzes the United States Government’s capacity to promptly and effectively deliver emergency support to countries experiencing major cybersecurity and ICT incidents;
(2) identifies relevant factors constraining the support referred to in paragraph (1); and
(3) develops a strategy to improve coordination among relevant Federal agencies and to resolve such constraints.
(b) Report
(Pub. L. 87–195, pt. II, § 593, as added Pub. L. 118–31, div. F, title LXIII, § 6307, Dec. 22, 2023, 137 Stat. 992.)
§ 2349cc–3. Authorization of appropriations
There is authorized to be appropriated $150,000,000 during the 5-year period beginning on October 1, 2023, to carry out the purposes of this part.
(Pub. L. 87–195, pt. II, § 594, as added Pub. L. 118–31, div. F, title LXIII, § 6307, Dec. 22, 2023, 137 Stat. 993.)