CISA is responsible for performing,
coordinating, and supporting response to information security
incidents, which may originate outside the Federal community and
affect users within it, or originate within the Federal community
and affect users outside of it. Often, therefore, the effective
handling of security incidents relies on information sharing among
individual users, industry, and the Federal Government, which may
be facilitated by and through CISA. Per the Federal Information
Security Modernization Act of 2014, CISA operates the Federal
in-formation security incident center for the United States federal
government. Each federal agency is required to notify and consult
with CISA regarding information security incidents involving
federal information systems. Additional entities report incident
information to CISA voluntarily. CISA’s website is a primary tool
used by constituents to report incident in-formation, access
information sharing products and services, and interact with CISA.
Constituents, which may include anyone or any entity in the public,
use forms located on the website to complete these
activities.
US Code:
44
USC 3556 Name of Law: Federal Information Security Incident
Center
PL:
Pub.L. 113 - 283 2(d) Name of Law: Federal Information
Security
US Code: 6 USC
659 Name of Law: National cybersecurity and communications
integration center
US Code: 44
USC 3553 Name of Law: Authority and Functions of the Director
and the Secretary
US Code: 6 USC
1504 Name of Law: Sharing of cyber threat indicators and
defensive measures with the Federal Government
US Code: 44
USC 3554 Name of Law: Information Security
On behalf of this Federal agency, I certify that
the collection of information encompassed by this request complies
with 5 CFR 1320.9 and the related provisions of 5 CFR
1320.8(b)(3).
The following is a summary of the topics, regarding
the proposed collection of information, that the certification
covers:
(i) Why the information is being collected;
(ii) Use of information;
(iii) Burden estimate;
(iv) Nature of response (voluntary, required for a
benefit, or mandatory);
(v) Nature and extent of confidentiality; and
(vi) Need to display currently valid OMB control
number;
If you are unable to certify compliance with any of
these provisions, identify the item by leaving the box unchecked
and explain the reason in the Supporting Statement.