- Record: Senate Floor
- Section type: Amendments
- Chamber: Senate
- Date: June 24, 2026
- Congress: 119th Congress
- Why this source matters: This section came from the Senate floor portion of the record.
SA 6035. Mr. PETERS (for himself and Mr. Rounds) submitted an amendment intended to be proposed by him to the bill S. 4784, to authorize appropriations for fiscal year 2027 for military activities of the Department of Defense, for military construction, and for defense activities of the Department of Energy, to prescribe military personnel strengths for such fiscal year, and for other purposes; which was ordered to lie on the table; as follows:
At the appropriate place in title X, insert the following:
SEC. . REAUTHORIZATION OF THE CYBERSECURITY INFORMATION
SHARING ACT OF 2015.
(a) In General.—The Cybersecurity Information Sharing Act
of 2015 (6 U.S.C. 1501 et seq.) is amended—
(1) in section 102 (6 U.S.C. 1501; relating to
definitions)—
(A) by redesignating paragraphs (4), (5), (6), (7), (8),
(9), (10), (11), (12), (13), (14), (15), (16), (17), and (18)
as paragraphs (6), (7), (8), (9), (10), (11), (12), (13),
(14), (15), (16), (17), (18), (19), and (20), respectively;
and
(B) by inserting after paragraph (3) the following new
paragraphs:
“(4) Artificial intelligence.—The term `artificial
intelligence' has the meaning given such term in section 5002
of the National Artificial Intelligence Initiative Act of
2020 (15 U.S.C. 9401).
“(5) Critical infrastructure.—The term `critical
infrastructure' has the meaning given such term in section
1016(e) of Public Law 107-56 (42 U.S.C. 5195c(e)).”;
(2) in section 103 (6 U.S.C. 1502; relating to sharing of
information by the Federal Government)—
(A) in subsection (a), in the matter preceding paragraph
(1), by striking “develop and issue” and inserting
“develop, issue, and, as appropriate, update”; and
(B) in subsection (b)—
(i) in paragraph (1)—
(I) in the matter preceding subparagraph (A), by inserting
“and, as appropriate, updated,” after “developed”;
(II) by amending subparagraph (A) to read as follows:
“(A) ensure the Federal Government has and maintains the
capability to share cyber threat indicators and defensive
measures in real-time consistent with the protection of
classified information, and maintains the capability to
provide technical assistance, on a voluntary basis, to non-
Federal entities in utilizing cyber threat indicators and
defensive measures for cybersecurity purposes;”;
(III) in subparagraph (E)(ii), by striking “and” after
the semicolon;
(IV) in subparagraph (F), by striking the period and
inserting “; and”; and
(V) by adding at the end the following new subparagraph:
“(G) pursuant to section 2212 of the Homeland Security Act
of 2002 (6 U.S.C. 662), provide one-time read-ins, as
appropriate, to select individuals identified by non-Federal
entities that own or operate critical infrastructure or
artificial intelligence;”; and
(ii) in paragraph (2)—
(I) by inserting “and, as appropriate, updating,” after
“developing”; and
(II) by inserting “and defensive measures” after
“promote the sharing of cyber threat indicators”; and
(C) in subsection (c)—
(i) by inserting “and not later than 60 days after any
update, as appropriate, of procedures required by subsection
(a),” after “Act,”; and
(ii) by inserting “(or update, as appropriate)” after
“procedures”;
(3) in section 104 (6 U.S.C. 1503; relating to
authorizations for preventing, detecting, analyzing, and
mitigating cybersecurity threats)—
(A) in paragraph (3) of subsection (c)—
(i) in the matter preceding subparagraph (A), by striking
“shall be” and inserting “may be”;
(ii) in subparagraph (A), by striking “or” after the
semicolon;
(iii) in subparagraph (B), by striking the period and
inserting “; or”; and
(iv) by adding at the end the following new subparagraph:
“(C) to preclude the use of artificial intelligence that
is strictly deployed for cybersecurity purposes in carrying
out the activities authorized under paragraph (1) provided
that such deployment complies with section 105(d)(5).”; and
(B) in subparagraph (B) of subsection (d)(2), by inserting
“, which may utilize artificial intelligence that is
strictly deployed for cybersecurity purposes,” after
“technical capability”;
(4) in section 105 (6 U.S.C. 1504; relating to sharing of
cyber threat indicators and defensive measures with the
Federal Government)—
(A) in subsection (a)—
(i) in paragraph (2), by adding at the end the following
new sentences: “As appropriate, the Attorney General and the
Secretary of Homeland Security shall, in consultation with
the heads of the appropriate Federal entities, jointly update
such policies and procedures, and issue and make publicly
available such updated policies and procedures. Such updates
shall prioritize rapid dissemination to State, local, Tribal,
and territorial governments and owners and operators of non-
Federal critical infrastructure or artificial intelligence of
relevant and actionable cyber threat indicators and defensive
measures.”;
(ii) in paragraph (3), in the matter preceding subparagraph
(A), by striking “developed or issued” and inserting
“developed, issued, or, as appropriate, updated,”; and
(iii) in paragraph (4)—
(I) in subparagraph (A), by adding at the end the following
new sentence: “As appropriate, the Attorney General and the
Secretary of Homeland Security shall jointly update and make
publicly available such guidance to so assist entities and
promote such sharing of cyber threat indicators and defensive
measures with such Federal entities under this title.”; and
(II) in subparagraph (B), in the matter preceding clause
(i), by inserting “and, as appropriate, updated,” after
“developed”;
(B) in subsection (b)—
(i) in paragraph (2)(B), by inserting “, and, as
appropriate, update,” after “review”; and
(ii) in paragraph (3), in the matter preceding subparagraph
(A), by inserting “and, as appropriate, updated,” after
“required”; and
(C) in subsection (c)(1)(D), by inserting “, including if
such capability and process employs artificial intelligence”
before the semicolon; and
(D) in subsection (d)—
(i) in paragraph (1), by striking “trade secret
protection” and inserting “intellectual property
protection”; and
(ii) in paragraph (5)(A)—
(I) in clause (iv), by striking “or” after the semicolon;
(II) in clause (v)(III), by striking the period and
inserting “; or”; and
(III) by adding at the end the following new clause:
“(vi) the purpose of rapidly providing to other Federal
entities awareness of a cybersecurity threat that may impact
the information systems of such Federal entities.”;
(5) in section 108 (6 U.S.C. 1507; relating to construction
and preemption)—
(A) in subsection (c)—
(i) in the matter preceding paragraph (1), by striking
“shall be” and inserting “may be”;
(ii) in paragraph (2), by striking “or” after the
semicolon;
(iii) in paragraph (3), by striking the period and
inserting “; or”; and
(iv) by adding at the end the following new paragraph:
“(4) to preclude the use of artificial intelligence that
is strictly deployed for cybersecurity purposes in carrying
out activities authorized by this title.”; and
(B) in subsection (f)(3), by inserting “to share cyber
threat indicators or defensive measures” after
“relationship”;
(6) in section 109 (6 U.S.C. 1508; relating to report on
cybersecurity threats)—
(A) in subsection (a)—
(i) by inserting “and not later than September 30 of every
two years thereafter,” after “Act,”;
(ii) by inserting “the Secretary of Homeland Security
and” after “in coordination with”;
(iii) by inserting “and the Committee on Homeland Security
and Governmental Affairs” before “of the Senate”;
(iv) by inserting “and the Committee on Homeland
Security” before “of the House”; and
(v) by inserting “prepositioning activities, ransomware,”
after “attacks,”; and
(B) in subsection (b)—
(i) by inserting “prepositioning activities, ransomware,”
after “attacks,” each place it appears; and
(ii) in paragraph (2), by inserting “prepositioning
activity, ransomware,” after “attack,”; and
(7) in section 111(a) (6 U.S.C. 1510(a), relating to
effective period), by striking “September 30, 2026” and
inserting “September 30, 2036”.
(b) Conforming Amendments.—Section 2200 of the Homeland
Security Act of 2002 (6 U.S.C. 650; relating to definitions)
is amended—
(1) in paragraph (5)—
(A) in subparagraph (B), by inserting “or compromising”
after “defeating”;
(B) in subparagraph (C), by inserting “including a
security vulnerability affecting an information system or a
technology included in the critical and emerging technologies
list of the Office of Science and Technology Policy or
successor list, such as artificial intelligence, which may be
in a Federal entity's or non-Federal entity's software or
hardware supply chain,” after “security vulnerability,”;
(C) in subparagraph (D), by inserting “or compromise”
after “defeat”; and
(D) in subparagraph (F), by inserting “or compromised”
after “exfiltrated”;
(2) in paragraph (14), by amending subparagraph (B) to read
as follows:
“(B) includes, in accordance with section 104(d)(2) of the
Cybersecurity Information
Sharing Act of 2015 (6 U.S.C. 1503(d)(2)), operational
technology, including industrial control systems, such as
supervisory control and data acquisition systems, distributed
control systems, and programmable logic controllers.”; and
(3) in paragraph (25), by inserting “or compromise” after
“defeat”.