US Code
CHAPTER 7— NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY
§ 278g–3d. Implementation of coordinated disclosure of security vulnerabilities relating to agency information systems, including Internet of Things devices

(a) Agency guidelines requiredNot later than 2 years after December 4, 2020, the Director of OMB, in consultation with the Secretary, shall develop and oversee the implementation of policies, principles, standards, or guidelines as may be necessary to address security vulnerabilities of information systems (including Internet of Things devices).
(b) Operational and technical assistanceConsistent with section 3553(b) of title 44, the Secretary, in consultation with the Director of OMB, shall provide operational and technical assistance to agencies on reporting, coordinating, publishing, and receiving information about security vulnerabilities of information systems (including Internet of Things devices).
(c) Consistency with guidelines from National Institute of Standards and TechnologyThe Secretary shall ensure that the assistance provided under subsection (b) is consistent with applicable standards and publications developed by the Director of the Institute.
(d) Revision of Federal Acquisition RegulationThe Federal Acquisition Regulation shall be revised as necessary to implement the provisions under this section.

Structure US Code

US Code

Title 15— COMMERCE AND TRADE

CHAPTER 7— NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY

§ 271. Findings and purposes

§ 272. Establishment, functions, and activities

§ 272a. Technology services

§ 272b. Annual budget submission

§ 273. Functions; for whom exercised

§ 273a. Under Secretary of Commerce for Standards and Technology

§ 274. Director; powers and duties; report; compensation

§ 275. Hiring critical technical experts

§ 275a. Service charges

§ 275b. Charges for activities performed for other agencies

§ 275c. Cost recovery authority

§ 276. Ownership of facilities

§ 277. Regulations

§ 278. Visiting Committee on Advanced Technology

§ 278a. Repealed. , ,

§ 278b. Working Capital Fund

§ 278c. Acquisition of land for field sites

§ 278d. Construction and improvement of buildings and facilities

§ 278e. Functions and activities

§ 278f. Fire Research Center

§ 278g. International activities

§ 278g–1. Education and outreach

§ 278g–2. Post-doctoral fellowship program

§ 278g–2a. Teacher science and technology enhancement Institute program

§ 278g–3. Computer standards program

§ 278g–3a. Definitions

§ 278g–3b. Security standards and guidelines for agencies on use and management of Internet of Things devices

§ 278g–3c. Guidelines on the disclosure process for security vulnerabilities relating to information systems, including Internet of Things devices

§ 278g–3d. Implementation of coordinated disclosure of security vulnerabilities relating to agency information systems, including Internet of Things devices

§ 278g–3e. Contractor compliance with coordinated disclosure of security vulnerabilities relating to agency Internet of Things devices

§ 278g–4. Information Security and Privacy Advisory Board

§ 278g–5. Enterprise integration initiative

§ 278h. Research program on security of computer systems

§ 278h–1. Standards for artificial intelligence

§ 278i. Reports to Congress

§ 278j. Studies by National Research Council

§ 278k. Hollings Manufacturing Extension Partnership

§ 278k–1. Competitive awards program

§ 278k–2. Expansion awards pilot program

§ 278l. Assistance to State technology programs

§ 278m. Repealed. , ,

§ 278n. Repealed. , ,

§ 278n–1. Emergency communication and tracking technologies research initiative

§ 278n–2. Green manufacturing and construction

§ 278o. User fees

§ 278p. Notice to Congress

§ 278q. Appropriations; availability

§ 278r. Collaborative manufacturing research pilot grants

§ 278s. Manufacturing USA

§ 278t. Advanced communications research activities

§ 279. Absence of Director

§§ 280, 281. Repealed. , ,

§ 281a. Structural failures

§ 282. Repealed. , ,

§ 282a. Assessment of emerging technologies requiring research in metrology

§ 283. Repealed. , , , 656

§ 284. Omitted

§§ 285, 286. Repealed. , ,