Not later than one year after August 9, 2022, the Director shall, using the authorities of the Director under subsections (c)(15) and (e)(1)(A)(ix) of section 272 of title 15, disseminate and make publicly available tailored resources to help qualifying institutions identify, assess, manage, and reduce their cybersecurity risk related to conducting research.
The Director shall ensure that the resources disseminated under paragraph (1) are consistent with the efforts of the Director under section 7443 of title 15.
The use of the resources disseminated under paragraph (1) shall be considered voluntary.
Nothing in this section may be construed to supersede, alter, or otherwise affect any cybersecurity requirements applicable to Federal agencies.
The term “qualifying institutions” means institutions of higher education that are awarded in excess of $50,000,000 per year in total Federal research funding.
The term “resources” means guidelines, tools, best practices, technical standards, methodologies, and other ways of providing information.