Collapse to view only § 7462. International cybersecurity technical standards
- § 7461. Definitions
- § 7462. International cybersecurity technical standards
- § 7463. Cloud computing strategy
- § 7464. Identity management research and development
§ 7461. Definitions
In this subchapter:
(1) Director
(2) Institute
(Pub. L. 113–274, title V, § 501, Dec. 18, 2014, 128 Stat. 2986.)
§ 7462. International cybersecurity technical standards
(a) In general
The Director, in coordination with appropriate Federal authorities, shall—
(1) as appropriate, ensure coordination of Federal agencies engaged in the development of international technical standards related to information system security; and
(2) not later than 1 year after December 18, 2014, develop and transmit to Congress a plan for ensuring such Federal agency coordination.
(b) Consultation with the private sector
(Pub. L. 113–274, title V, § 502, Dec. 18, 2014, 128 Stat. 2986.)
§ 7463. Cloud computing strategy
(a) In general
(b) ActivitiesIn carrying out the strategy described under subsection (a), the Director shall give consideration to activities that—
(1) accelerate the development, in collaboration with the private sector, of standards that address interoperability and portability of cloud computing services;
(2) advance the development of conformance testing performed by the private sector in support of cloud computing standardization; and
(3) support, in coordination with the Office of Management and Budget, and in consultation with the private sector, the development of appropriate security frameworks and reference materials, and the identification of best practices, for use by Federal agencies to address security and privacy requirements to enable the use and adoption of cloud computing services, including activities—
(A) to ensure the physical security of cloud computing data centers and the data stored in such centers;
(B) to ensure secure access to the data stored in cloud computing data centers;
(C) to develop security standards as required under section 278g–3 of this title; and
(D) to support the development of the automation of continuous monitoring systems.
(Pub. L. 113–274, title V, § 503, Dec. 18, 2014, 128 Stat. 2986.)
§ 7464. Identity management research and development
(a) In general
The Director shall carry out a program of research to support the development of voluntary, consensus-based technical standards, best practices, benchmarks, methodologies, metrology, testbeds, and conformance criteria for identity management, taking into account appropriate user concerns to—
(1) improve interoperability and portability among identity management technologies;
(2) strengthen identity proofing and verification methods used in identity management systems commensurate with the level of risk, including identity and attribute validation services provided by Federal, State, and local governments;
(3) improve privacy protection in identity management systems; and
(4) improve the accuracy, usability, and inclusivity of identity management systems.
(b) Digital identity technical roadmap
(c) Digital identity management guidance
(1) In general
(2) Guidance
The Guidance shall—
(A) align with the four criteria in subsection (a), as practicable;
(B) provide case studies of implementation of guidance;
(C) incorporate voluntary technical standards and industry best practices; and
(D) not prescribe or otherwise require the use of specific technology products or services.
(3) Consultation
In carrying out this subsection, the Director shall consult with—
(A) Federal and State agencies;
(B) industry;
(C) potential end-users and individuals that will use services related to digital identity verification; and
(D) experts with relevant experience in the systems that enable digital identity verification, as determined by the Director.
(Pub. L. 113–274, title V, § 504, Dec. 18, 2014, 128 Stat. 2987; Pub. L. 117–167, div. B, title II, § 10225, Aug. 9, 2022, 136 Stat. 1478.)