What does Preamble of Combat Emerging Threats to Critical Infrastructure Act of 2026 do?

This bill requires the Director of the Cybersecurity and Infrastructure Security Agency (CISA) to collaborate with Sector Risk Management Agencies. The collaboration is intended to update sector-specific plans.

What does SHORT TITLE. of Combat Emerging Threats to Critical Infrastructure Act of 2026 do?

This bill is formally titled the Combat Emerging Threats to Critical Infrastructure Act of 2026.

What does DEFINITIONS. of Combat Emerging Threats to Critical Infrastructure Act of 2026 do?

This section defines key terms used in the Act Definitions include artificial intelligence, digital asset, Director, National Security Memorandum 22, and sector risk management agency

What does SECTOR RISK MANAGEMENT AGENCY SECTOR-SPECIFIC PLANS. of Combat Emerging Threats to Critical Infrastructure Act of 2026 do?

This section requires the Director to update sector-specific plans within one year of the Act's enactment for sixteen sectors. These sectors include Chemical, Commercial Facilities, Communications, Critical Manufacturing, Dams, Defense Industrial Base, Emergency Services, Energy, Financial Services, Food and Agriculture, Government Services and Facilities, Healthcare and Public Health, Information Technology, Nuclear Reactors, Materials, and Waste, Transportation Systems, and Water and Wastewater. The updated plans must address risks exacerbated or facilitated by disruptive technologies, such as artificial intelligence, including malicious activity, supply chain vulnerabilities, and evolving social engineering techniques. For the Financial Services Sector, the Director must coordinate with the Secretary of the Treasury to determine digital asset vulnerabilities related to quantum computing. The Director must coordinate with designated Sector Risk Management Agencies during the update process. Within 30 days of completing the updates, the Director must provide copies of the sector-specific plans to specified congressional committees based on the sector.

What does BIENNIAL REASSESSMENT. of Combat Emerging Threats to Critical Infrastructure Act of 2026 do?

This section establishes a biennial reassessment process for sector-specific plans. The Director must conduct a reassessment of each plan no later than two years after completing an update required under section 3(a), and at least once every two years thereafter. Following each reassessment, the Director must issue revised sector-specific plans. The Director must notify relevant committees of Congress within 30 days of completing an update, providing copies of the sector-specific plans.

Back to bills

Combat Emerging Threats to Critical Infrastructure Act of 2026

Last updated: 6/10/2026 · Introduced: 6/10/2026

Author: Mark Warner (D-VA)

TL;DR (AI)

This bill mandates that the Cybersecurity and Infrastructure Security Agency (CISA) update sector-specific plans for sixteen critical infrastructure sectors to address risks related to disruptive technologies like artificial intelligence.
The bill requires a biennial reassessment of these sector-specific plans, leading to revised plans issued by CISA every two years.
For the Financial Services sector, the Director must coordinate with the Secretary of the Treasury to assess digital asset vulnerabilities related to quantum computing.

119th Congressin committeeOfficial page

Verified Votes

No verified votes yet.

Community Votes

No community votes yet. Be the first!

Voting as guest · Sign in for verified votes

Other Sections

Includes provisions on preamble, short title., and 3 more.

5 sections

Click "Show details" to explore individual sections. Use the community vote above or visit All Sections to vote per section.

Read official text

Want the full experience?

Create a free account to cast verified votes on each section, get a personalized summary, and track your voting history.

Create Free Account