(a) In General.—The Secretary shall ensure the operation of a central Federal information security incident center to—
provide timely technical assistance to operators of agency information systems regarding security incidents, including guidance on detecting and handling information security incidents;
compile and analyze information about incidents that threaten information security;
inform operators of agency information systems about current and potential information security threats, and vulnerabilities;
provide, as appropriate, intelligence and other information about cyber threats, vulnerabilities, and incidents to agencies to assist in risk assessments conducted under section 3554(b); and
consult with the National Institute of Standards and Technology, agencies or offices operating or exercising control of national security systems (including the National Security Agency), and such other agencies or offices in accordance with law and as directed by the President regarding information security incidents and related matters.
(b) National Security Systems.—
Each agency operating or exercising control of a national security system shall share information about information security incidents, threats, and vulnerabilities with the Federal information security incident center to the extent consistent with standards and guidelines for national security systems, issued in accordance with law and as directed by the President.
(Added Pub. L. 113–283, § 2(a), Dec. 18, 2014, 128 Stat. 3084.)