"The Cybersecurity Enhancement Act of 2014 amends the National Institute of Standards and Technology Act to permit the Secretary of Commerce, acting through the Director of the NIST [National Institute of Standards and Technology], to facilitate and support the development of a voluntary, consensus-based, industry-led set of standards and procedures to cost-effectively reduce cyber risks to critical infrastructure. […] The act directs various agencies, working through the National Science and Technology Council and the Networking and Information Technology Research and Development Program, to develop, and update every four years, a federal cybersecurity research and development strategic plan. […] The act directs the Department of Commerce, NSF [National Science Foundation], and the Department of Homeland Security (DHS) to support competitions and challenges to recruit individuals to perform information technology security duties or to stimulate cybersecurity innovations. […] The act directs NIST to continue coordinating a national cybersecurity awareness and education program to: (1) disseminate technical standards and make best practices usable by individuals, small to medium-sized businesses, educational institutions, and state, local, and tribal governments; (2) increase public awareness and understanding of cybersecurity; (3) support education programs; and (4) evaluate workforce needs. Requires NIST to develop a strategic plan to guide federal activities in support of such program. Directs NIST to transmit such plan to Congress every five years. […] The act requires NIST to ensure the coordination of federal agencies engaged in the development of international technical standards related to information system security. Requires the development and transmittal to Congress of a plan to ensure coordination by such federal agencies. Instructs NIST to ensure consultation with appropriate private sector stakeholders."
Public Law 113-274; P.L. 113-274; S. 1353
Government Printing Office: http://www.gpo.gov/