(a) AppointmentThe Director shall appoint an employee of the Agency in each State, with the appropriate cybersecurity qualifications and expertise, who shall serve as the Cybersecurity State Coordinator.
(b) DutiesThe duties of a Cybersecurity State Coordinator appointed under subsection (a) shall include—(1) building strategic public and, on a voluntary basis, private sector relationships, including by advising on establishing governance structures to facilitate the development and maintenance of secure and resilient infrastructure;
(2) serving as the Federal cybersecurity risk advisor and supporting preparation, response, and remediation efforts relating to cybersecurity risks and incidents;
(3) facilitating the sharing of cyber threat information to improve understanding of cybersecurity risks and situational awareness of cybersecurity incidents;
(4) raising awareness of the financial, technical, and operational resources available from the Federal Government to non-Federal entities to increase resilience against cyber threats;
(5) supporting training, exercises, and planning for continuity of operations to expedite recovery from cybersecurity incidents, including ransomware;
(6) serving as a principal point of contact for non-Federal entities to engage, on a voluntary basis, with the Federal Government on preparing, managing, and responding to cybersecurity incidents;
(7) assisting non-Federal entities in developing and coordinating vulnerability disclosure programs consistent with Federal and information security industry standards;
(8) assisting State, local, Tribal, and territorial governments, on a voluntary basis, in the development of State cybersecurity plans;
(9) coordinating with appropriate officials within the Agency; and
(10) performing such other duties as determined necessary by the Director to achieve the goal of managing cybersecurity risks in the United States and reducing the impact of cyber threats to non-Federal entities.
(c) FeedbackThe Director shall consult with relevant State, local, Tribal, and territorial officials regarding the appointment, and State, local, Tribal, and territorial officials and other non-Federal entities regarding the performance, of the Cybersecurity State Coordinator of a State.
Structure US Code
CHAPTER 1— HOMELAND SECURITY ORGANIZATION
SUBCHAPTER XVIII— CYBERSECURITY AND INFRASTRUCTURE SECURITY AGENCY
Part A— Cybersecurity and Infrastructure Security
§ 652. Cybersecurity and Infrastructure Security Agency
§ 652a. Sector Risk Management Agencies
§ 654. Infrastructure Security Division
§ 655. Enhancement of Federal and non-Federal cybersecurity
§ 657. Cyber Security Enhancement Act of 2002
§ 658. Cybersecurity recruitment and retention
§ 659. National cybersecurity and communications integration center
§ 663. Federal intrusion detection and prevention system
§ 664. National asset database
§ 665. Duties and authorities relating to .gov internet domain
§ 665a. Intelligence and cybersecurity diversity fellowship program
§ 665b. Joint cyber planning office
§ 665c. Cybersecurity State Coordinator
§ 665d. Sector Risk Management Agencies
§ 665e. Cybersecurity Advisory Committee
§ 665f. Cybersecurity education and training programs
§ 665g. State and Local Cybersecurity Grant Program
§ 665h. National Cyber Exercise Program
§ 665j. Ransomware threat mitigation activities
§ 665k. Federal Clearinghouse on School Safety Evidence-based Practices
§ 665l. School and daycare protection
§ 665m. President’s Cup Cybersecurity Competition
§ 665n. Industrial Control Systems Cybersecurity Training Initiative