Don't show this message again
15 U.S. Code § 7431. Federal cybersecurity research and development
(a) Fundamental cybersecurity research
(1) Federal cybersecurity research and development strategic planThe heads of the applicable agencies and departments, working through the National Science and Technology Council and the Networking and Information Technology Research and Development Program, shall develop and update every 4 years a Federal cybersecurity research and development strategic plan (referred to in this subsection as the “strategic plan”) based on an assessment of cybersecurity risk to guide the overall direction of Federal cybersecurity and information assurance research and development for information technology and networking systems. The heads of the applicable agencies and departments shall build upon existing programs and plans to develop the strategic plan to meet objectives in cybersecurity, such as—
(A)
how to design and build complex software-intensive systems that are secure and reliable when first deployed;
(B)
how to test and verify that software and hardware, whether developed locally or obtained from a third party, is free of significant known security flaws;
(C)
how to test and verify that software and hardware obtained from a third party correctly implements stated functionality, and only that functionality;
(D)
how to guarantee the privacy of an individual, including that individual’s identity, information, and lawful transactions when stored in distributed systems or transmitted over networks;
(E)
how to build new protocols to enable the Internet to have robust security as one of the key capabilities of the Internet;
(F)
how to determine the origin of a message transmitted over the Internet;
(G)
how to support privacy in conjunction with improved security;
(H)
how to address the problem of insider threats;
(I)
how improved consumer education and digital literacy initiatives can address human factors that contribute to cybersecurity;
(J)
how to protect information processed, transmitted, or stored using cloud computing or transmitted through wireless services;
(K)
implementation of section 7432 of this title through research and development on the topics identified under subsection (a) of such section; and
(L)
any additional objectives the heads of the applicable agencies and departments, in coordination with the head of any relevant Federal agency and with input from stakeholders, including appropriate national laboratories, industry, and academia, determine appropriate.