(a) In General.—
Except as provided under subsection (b), the definitions under section 3502 shall apply to this subchapter.
(b) Additional Definitions.—As used in this subchapter:
(1) The term “binding operational directive” means a compulsory direction to an agency that—
is for purposes of safeguarding Federal information and information systems from a known or reasonably suspected information security threat, vulnerability, or risk;
shall be in accordance with policies, principles, standards, and guidelines issued by the Director; and
(2) The term “incident” means an occurrence that—
actually or imminently jeopardizes, without lawful authority, the integrity, confidentiality, or availability of information or an information system; or
(3) The term “information security” means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide—
integrity, which means guarding against improper information modification or destruction, and includes ensuring information nonrepudiation and authenticity;
confidentiality, which means preserving authorized restrictions on access and disclosure, including means for protecting personal privacy and proprietary information; and
(A) The term “national security system” means any information system (including any telecommunications system) used or operated by an agency or by a contractor of an agency, or other organization on behalf of an agency—
(i) the function, operation, or use of which—
The term “Secretary” means the Secretary of Homeland Security.