View all text of Chapter 401 [§ 40101 - § 40132]
§ 40131. National airspace system cyber threat management process
(a)Establishment.—The Administrator of the Federal Aviation Administration, in consultation with the heads of other agencies as the Administrator determines necessary, shall establish a national airspace system cyber threat management process to protect the national airspace system cyber environment, including the safety, security, and efficiency of air navigation services provided by the Administration.
(b)Issues To Be Addressed.—In establishing the national airspace system cyber threat management process under subsection (a), the Administrator shall, at a minimum—
(1) monitor the national airspace system for significant cybersecurity incidents;
(2) in consultation with appropriate Federal agencies, evaluate the cyber threat landscape for the national airspace system, including updating such evaluation on both annual and threat-based timelines;
(3) conduct national airspace system cyber incident analyses;
(4) create a cyber common operating picture for the national airspace system cyber environment;
(5) coordinate national airspace system significant cyber incident responses with other appropriate Federal agencies;
(6) track significant cyber incident detection, response, mitigation implementation, recovery, and closure;
(7) establish a process, or utilize existing processes, to share relevant significant cyber incident data related to the national airspace system;
(8) facilitate significant cybersecurity reporting, including through the Cybersecurity and Infrastructure Agency; and
(9) consider any other matter the Administrator determines appropriate.
(c)Definitions.—In this section:
(1)Cyber common operating picture.—The term “cyber common operating picture” means the correlation of a detected cyber incident or cyber threat in the national airspace system and other operational anomalies to provide a holistic view of potential cause and impact.
(2)Cyber environment.—The term “cyber environment” means the information environment consisting of the interdependent networks of information technology infrastructures and resident data, including the internet, telecommunications networks, computer systems, and embedded processors and controllers.
(3)Cyber incident.—The term “cyber incident” means an action that creates noticeable degradation, disruption, or destruction to the cyber environment and causes a safety or other negative impact on operations of—
(A) the national airspace system;
(B) civil aircraft; or
(C) aeronautical products and articles.
(4)Cyber threat.—The term “cyber threat” means the threat of an action that, if carried out, would constitute a cyber incident or an electronic attack.
(5)Electronic attack.—The term “electronic attack” means the use of electromagnetic spectrum energy to impede operations in the cyber environment, including through techniques such as jamming or spoofing.
(6)Significant cyber incident.—The term “significant cyber incident” means a cyber incident, or a group of related cyber incidents, that the Administrator determines is likely to result in demonstrable harm to the national airspace system of the United States.
(Added Pub. L. 118–63, title III, § 393(a), May 16, 2024, 138 Stat. 1144.)