Center
section 659 of this titleThe term “Center” means the center established under .
Council
section 681f of this titleThe term “Council” means the Cyber Incident Reporting Council described in .
Covered cyber incident
section 681b(b) of this titleThe term “covered cyber incident” means a substantial cyber incident experienced by a covered entity that satisfies the definition and criteria established by the Director in the final rule issued pursuant to .
Covered entity
section 681b(b) of this titleThe term “covered entity” means an entity in a critical infrastructure sector, as defined in Presidential Policy Directive 21, that satisfies the definition established by the Director in the final rule issued pursuant to .
Cyber incident
Cyber threat
section 650 of this titleThe term “cyber threat” has the meaning given the term “cybersecurity threat” in .
Federal entity
section 1501 of this titleThe term “Federal entity” has the meaning given the term in .
Ransom payment
The term “ransom payment” means the transmission of any money or other property or asset, including virtual currency, or any portion thereof, which has at any time been delivered as ransom in connection with a ransomware attack.
Significant cyber incident
The term “significant cyber incident” means a cyber incident, or a group of related cyber incidents, that the Secretary determines is likely to result in demonstrable harm to the national security interests, foreign relations, or economy of the United States or to the public confidence, civil liberties, or public health and safety of the people of the United States.
Virtual currency
The term “virtual currency” means the digital representation of value that functions as a medium of exchange, a unit of account, or a store of value.
Virtual currency address
The term “virtual currency address” means a unique public cryptographic key identifying the location to which a virtual currency payment can be made.
Pub. L. 107–296, title XXII, § 2240Pub. L. 117–103, div. Y, § 103(a)(2)136 Stat. 1039Pub. L. 117–263, div. G, title LXXI, § 7143(b)(2)(N)136 Stat. 3661(, as added , , ; amended , , .)
Editorial Notes
References in Text
Section 659 of this titlesection 650(12) of this titlesection 7143(f)(2) of Pub. L. 117–263section 650 of this title, referred to in par. (5)(A), was subsequently amended, and section 659(a) no longer defines the term “incident”. Reference to term, “incident”, as defined in this chapter deemed to be a reference to that term as defined in , see , set out as a Rule of Construction note under .
Amendments
Pub. L. 117–263, § 7143(b)(2)(N)(i)2022—Par. (2). , (ii), redesignated par. (3) as (2) and struck out former par. (2). Prior to amendment, text of par. (2) read as follows: “The term ‘cloud service provider’ means an entity offering products or services related to cloud computing, as defined by the National Institute of Standards and Technology in NIST Special Publication 800–145 and any amendatory or superseding document relating thereto.”
Pub. L. 117–263, § 7143(b)(2)(N)(ii)Pars. (3) to (5). , redesignated pars. (4) to (6) as (3) to (5), respectively. Former par. (3) redesignated (2).
Pub. L. 117–263, § 7143(b)(2)(N)(ii)section 650 of this titlesection 651 of this titlePar. (6). , (iii), redesignated par. (7) as (6) and substituted “” for “”. Former par. (6) redesignated (5).
Pub. L. 117–263, § 7143(b)(2)(N)(iv)Par. (7). , added par. (7). Former par. (7) redesignated (6).
Pub. L. 117–263, § 7143(b)(2)(N)(iv)section 1501 of this titlePar. (8). , (vi), redesignated par. (13) as (8) and struck out former par. (8). Prior to amendment, text of par. (8) read as follows: “The terms ‘cyber threat indicator’, ‘cybersecurity purpose’, ‘defensive measure’, ‘Federal entity’, and ‘security vulnerability’ have the meanings given those terms in .”
Pub. L. 117–263, § 7143(b)(2)(N)(v)section 659 of this titlePar. (9). , (vi), redesignated par. (16) as (9) and struck out former par. (9). Prior to amendment, text of par. (9) read as follows: “The terms ‘incident’ and ‘sharing’ have the meanings given those terms in .”
Pub. L. 117–263, § 7143(b)(2)(N)(v)section 671 of this titlePar. (10). , (vi), redesignated par. (18) as (10) and struck out former par. (10). Prior to amendment, text of par. (10) read as follows: “The term ‘Information Sharing and Analysis Organization’ has the meaning given the term in .”
Pub. L. 117–263, § 7143(b)(2)(N)(v)Par. (11). , (vi), redesignated par. (19) as (11) and struck out former par. (11). Prior to amendment, text of par. (11) read as follows: “The term ‘information system’—
section 3502 of title 44“(A) has the meaning given the term in ; and
“(B) includes industrial control systems, such as supervisory control and data acquisition systems, distributed control systems, and programmable logic controllers.”
Pub. L. 117–263, § 7143(b)(2)(N)(v)Par. (12). , struck out par. (12). Text read as follows: “The term ‘managed service provider’ means an entity that delivers services, such as network, application, infrastructure, or security services, via ongoing and regular support and active administration on the premises of a customer, in the data center of the entity (such as hosting), or in a third party data center.”
Pub. L. 117–263, § 7143(b)(2)(N)(vi)Par. (13). , redesignated par. (13) as (8).
Pub. L. 117–263, § 7143(b)(2)(N)(v)Par. (14). , struck out par. (14). Text read as follows: “The term ‘ransomware attack’—
“(A) means an incident that includes the use or threat of use of unauthorized or malicious code on an information system, or the use or threat of use of another digital mechanism such as a denial of service attack, to interrupt or disrupt the operations of an information system or compromise the confidentiality, availability, or integrity of electronic data stored on, processed by, or transiting an information system to extort a demand for a ransom payment; and
“(B) does not include any such event where the demand for payment is—
“(i) not genuine; or
“(ii) made in good faith by an entity in response to a specific request by the owner or operator of the information system.”
Pub. L. 117–263, § 7143(b)(2)(N)(v)section 651 of this titlePar. (15). , struck out par. (15). Text read as follows: “The term ‘Sector Risk Management Agency’ has the meaning given the term in .”
Pub. L. 117–263, § 7143(b)(2)(N)(vi)Par. (16). , redesignated par. (16) as (9).
Pub. L. 117–263, § 7143(b)(2)(N)(v)Par. (17). , struck out par. (17). Text read as follows: “The term ‘supply chain compromise’ means an incident within the supply chain of an information system that an adversary can leverage or does leverage to jeopardize the confidentiality, integrity, or availability of the information system or the information the system processes, stores, or transmits, and can occur at any point during the life cycle.”
Pub. L. 117–263, § 7143(b)(2)(N)(vi)Pars. (18), (19). , redesignated pars. (18) and (19) as (10) and (11), respectively.