PRIA Logo
Take the PRIA Score
Title 6Domestic SecurityRelease 119-73

§1508 Report on cybersecurity threats

Title 6 › Chapter CHAPTER 6— - CYBERSECURITY › Subchapter SUBCHAPTER I— - CYBERSECURITY INFORMATION SHARING › § 1508

Last updated Apr 6, 2026|Official source

Summary

The Director of National Intelligence must, within 180 days after December 18, 2015, give a report to the Senate and House intelligence committees. The Director must work with other intelligence agencies to prepare it. The report is about cyber threats such as hacks, theft of data, and data breaches. The report must review U.S. intelligence sharing with other countries, name the main country and nonstate threats, explain how slow private-sector notice hurts government response, and list technologies or private practices that could help prevent or respond to attacks. The report must be delivered in both classified and unclassified versions. "Intelligence community" means the agencies listed in 50 U.S.C. 3003.

Full Legal Text

Title 6, §1508

Domestic Security — Source: USLM XML via OLRC

(a)Not later than 180 days after December 18, 2015, the Director of National Intelligence, in coordination with the heads of other appropriate elements of the intelligence community, shall submit to the Select Committee on Intelligence of the Senate and the Permanent Select Committee on Intelligence of the House of Representatives a report on cybersecurity threats, including cyber attacks, theft, and data breaches.
(b)The report required by subsection (a) shall include the following:
(1)An assessment of the current intelligence sharing and cooperation relationships of the United States with other countries regarding cybersecurity threats, including cyber attacks, theft, and data breaches, directed against the United States and which threaten the United States national security interests and economy and intellectual property, specifically identifying the relative utility of such relationships, which elements of the intelligence community participate in such relationships, and whether and how such relationships could be improved.
(2)A list and an assessment of the countries and nonstate actors that are the primary threats of carrying out a cybersecurity threat, including a cyber attack, theft, or data breach, against the United States and which threaten the United States national security, economy, and intellectual property.
(3)A description of the extent to which the capabilities of the United States Government to respond to or prevent cybersecurity threats, including cyber attacks, theft, or data breaches, directed against the United States private sector are degraded by a delay in the prompt notification by private entities of such threats or cyber attacks, theft, and data breaches.
(4)An assessment of additional technologies or capabilities that would enhance the ability of the United States to prevent and to respond to cybersecurity threats, including cyber attacks, theft, and data breaches.
(5)An assessment of any technologies or practices utilized by the private sector that could be rapidly fielded to assist the intelligence community in preventing and responding to cybersecurity threats.
(c)The report required by subsection (a) shall be made available in classified and unclassified forms.
(d)In this section, the term “intelligence community” has the meaning given that term in section 3003 of title 50.

Reference

Citations & Metadata

Citation

6 U.S.C. § 1508

Title 6Domestic Security

Last Updated

Apr 6, 2026

Release point: 119-73