S. 2866
119th CONGRESS 1st Session
To amend the National Agricultural Research, Extension, and Teaching Policy Act of 1977 to direct the Secretary of Agriculture to establish a program providing for the establishment of Agriculture Cybersecurity Centers, and for other purposes.
IN THE SENATE OF THE UNITED STATES · Sponsor: Mr. Budd · Committee: Committee on Agriculture, Nutrition, and Forestry
Table of contents
SEC. 1. Short title
- This Act may be cited as the Cybersecurity in Agriculture Act of 2025.
SEC. 2. Agriculture Cybersecurity Centers
- Subtitle K of the National Agricultural Research, Extension, and Teaching Policy Act of 1977 () is amended by adding at the end the following: 7 U.S.C. 3310 et seq.
- (a) In general
- The Secretary, acting through the Director of the National Institute of Food and Agriculture, and in consultation with the Secretary of Homeland Security, shall establish a program under which the Secretary shall—
- on a competitive basis, award grants to, or enter into cooperative agreements with, eligible entities to establish 5 Regional Agriculture Cybersecurity Centers to carry out research, development, and education on agriculture cybersecurity, with respect to seed agriculture, horticulture, animal agriculture, and the agriculture supply chain;
- establish a national network of such Regional Agriculture Cybersecurity Centers; and
- designate one eligible entity to coordinate the activities of such national network.
- The Secretary, acting through the Director of the National Institute of Food and Agriculture, and in consultation with the Secretary of Homeland Security, shall establish a program under which the Secretary shall—
- (b) Duties
- A Regional Agriculture Cybersecurity Center shall—
- conduct research on cybersecurity systems for the agriculture sector, including developing cybersecurity situational awareness systems to monitor cybersecurity threats, intrusions, and anomalies;
- develop a security operations center for the agriculture sector—
- to analyze cybersecurity threats, intrusions, and anomalies; and
- to recommend mitigation actions;
- develop cybersecurity technologies and tools for the agriculture sector, including—
- domain-specific intrusion and anomaly detection systems;
- domain-specific intrusion prevention systems;
- domain-specific role-based access control and user authentication systems;
- lightweight device authentication protocols; and
- secure network architectures;
- build live cybersecurity testbeds to assess and refine cybersecurity technologies, tools, and systems developed for the agriculture sector;
- conduct attack/defense exercises to validate and evaluate cybersecurity solutions for field deployment and agriculture industry adoption;
- develop cybersecurity education and training programs for agricultural stakeholders;
- conduct cybersecurity training using the testbeds referred to in paragraph (4);
- build a regional research and development collaboration network; and
- ensure that the research described in paragraph (1), the technologies and tools described in paragraph (3), and the attack/defense exercises described in paragraph (5) are specifically designed to prevent cyberattacks from—
- the People’s Republic of China;
- the Democratic People’s Republic of Korea;
- the Russian Federation;
- the Islamic Republic of Iran; and
- such other countries as the Secretary, in consultation with the Secretary of Homeland Security, determines to be appropriate.
- A Regional Agriculture Cybersecurity Center shall—
- (c) Definition of eligible entity
- In this section, the term
eligible entitymeans a land-grant college or university that—- has programs in the food and agricultural sciences and cybersecurity; and
- coordinates regional industry partners, cooperatives, government authorities, and other stakeholders—
- In this section, the term
- (d) Authorization of appropriations
- There is authorized to be appropriated to carry out this section $25,000,000 for each of fiscal years 2026 through 2030.
- (a) In general