§ 278g–3d — Implementation Of Coordinated Disclosure Of Security Vulnerabilities Relating To Agency Information Systems, Including Internet Of Things Devices

(a) Not later than 2 years after December 4, 2020, the Director of OMB, in consultation with the Secretary, shall develop and oversee the implementation of policies, principles, standards, or guidelines as may be necessary to address security vulnerabilities of information systems (including Internet of Things devices). (b) Consistent with section 3553(b) of title 44, the Secretary, in consultation with the Director of OMB, shall provide operational and technical assistance to agencies on reporting, coordinating, publishing, and receiving information about security vulnerabilities of information systems (including Internet of Things devices). (c) The Secretary shall ensure that the assistance provided under subsection (b) is consistent with applicable standards and publications developed by the Director of the Institute. (d) The Federal Acquisition Regulation shall be revised as necessary to implement the provisions under this section.