Protecting Investments in Our Ports Act

(1) by striking To be eligible and inserting the following:

To be eligible

(1) ; and

(2) by adding at the end the following:

If a covered applicant for a grant under this subsection is applying to use the grant to acquire digital infrastructure or a software component, such applicant shall—

(I) certify the facility for which a covered applicant is applying for a grant, has an approved facility security plan pursuant to section 70103(c) of this title that addresses the cybersecurity risks of such digital infrastructure or software component; or

(II) if the approved facility security plan of a facility for which a covered applicant is applying for a grant does not address such cybersecurity risks, provide a brief description in the application of how such applicant will address the cybersecurity risks of such digital infrastructure or software component.

If the approved facility security plan required under section 70103(c) of this title of a facility for which a covered applicant is applying for a grant under this subsection does not address the cybersecurity risks of digital infrastructure or a software component to be acquired by such grant and such applicant provides a brief description to address such cybersecurity risks under clause (ii)(II), the covered applicant shall ensure that such security plan is updated to address such cybersecurity risks described in clause (ii)(II) in the next update required under paragraph (3)(G) of such section.

In this paragraph, the term covered applicant means an applicant under this subsection that is not eligible for a grant under subsection (b).