Digital Economy Cybersecurity Advisory Act of 2025

There is established within the NTIA a Digital Economy and Cybersecurity Board of Advisors (in this section referred to as the Board).

The Board shall provide to the Assistant Secretary recommendations (for implementation by the Assistant Secretary or that the Assistant Secretary could recommend for implementation by other appropriate entities) with respect to the following:

(1) Technical cybersecurity best practices regarding how to drive economic growth while securing information and communications networks, including how to secure the Border Gateway Protocol used by Federal and non-Federal entities.

(2) Cybersecurity policies to support the development and implementation of cybersecurity practices with respect to the internet and information and communications networks.

(3) Policies that promote the security and resilience to cybersecurity incidents of information and communications networks while fostering innovation, including policies that promote secure supply chains for information and communications networks.

(4) Policies to remove barriers to trust, security, innovation, and commercialization with respect to information and communications networks.

The Board shall be composed of not fewer than 5, and not more than 25, members appointed by the Assistant Secretary.

Each member of the Board shall have cybersecurity or supply chain security technical expertise, cybersecurity or supply chain security policy expertise, or expertise in running the cybersecurity or supply chain security functions of a business.

In appointing members of the Board under subparagraph (A), the Assistant Secretary shall ensure that the members appointed provide a balanced representation of the following:

(i) Chief cybersecurity officers or other qualified individuals employed in cybersecurity positions, representing both the public and private sectors.

(ii) Persons who operate or maintain information and communications networks.

(iii) Vendors that produce or provide equipment used in information and communications networks.

(iv) Vendors that produce or provide software used in information and communications networks.

(v) Persons who operate or maintain internet applications.

An individual who is a registered lobbyist under the Lobbying Disclosure Act of 1995 (2 U.S.C. 1601 et seq.) may not serve as a member of the Board.

Except as provided in subparagraphs (C) and (D), each member of the Board shall be appointed for a term of a length not to exceed 2 years, to be determined by the Assistant Secretary.

A member of the Board, including a member appointed to fill a vacancy as provided in subparagraph (D), may be reappointed for 1 or more additional terms by the Assistant Secretary.

The Assistant Secretary may remove a member of the Board at the discretion of the Assistant Secretary.

Any member of the Board appointed to fill a vacancy occurring before the expiration of the term for which the predecessor of the member was appointed shall be appointed only for the remainder of such term. A vacancy in the Board shall be filled in the manner in which the original appointment was made.

The Chair of the Board shall be the Associate Administrator of the National Telecommunications and Information Administration for Policy Analysis and Development.

The members of the Board shall serve without compensation.

Subject to the approval of the Assistant Secretary, as the Assistant Secretary determines necessary for the performance by the Board of the duties described in subsection (b), the Board may establish subcommittees, working groups, standing committees, ad hoc groups, task groups, or other subgroups of the Board.

Any subcommittee, working group, standing committee, ad hoc group, task group, or other subgroup of the Board established under paragraph (1) shall report to the Board and may not provide any advice, recommendation, or other work product directly to the Assistant Secretary.

Notwithstanding section 1013 of title 5, United States Code, the Board shall terminate on the date that is 4 years after the date of the enactment of this section.

In this section:

The term Border Gateway Protocol means the routing protocol used to exchange network layer reachability information among independently managed networks on the internet.

The term information and communications network means a network that provides advanced telecommunications capability (as defined in section 706(d) of the Telecommunications Act of 1996 (47 U.S.C. 1302(d))).