Rural and Municipal Utility Cybersecurity Act

In this section:

The term advanced cybersecurity technology means any technology, operational capability, or service, including computer hardware, software, or a related asset, that enhances the security posture of electric utilities through improvements in the ability to protect against, detect, respond to, or recover from a cybersecurity threat.

The term bulk-power system has the meaning given the term in section 215(a) of the Federal Power Act.

The term cybersecurity threat has the meaning given the term in section 2200 of the Homeland Security Act of 2002.

The term defense critical electric infrastructure has the meaning given the term in section 215A(a) of the Federal Power Act.

The term eligible entity means—

(A) a rural electric cooperative;

(B) an electric utility owned by a political subdivision of a State, such as a municipally owned electric utility;

(C) an electric utility owned by any agency, authority, corporation, or instrumentality of 1 or more political subdivisions of a State;

(D) a not-for-profit entity that is in a partnership with not fewer than 6 entities described in subparagraph (A), (B), or (C); and

(E) an investor-owned electric utility that sells less than 4,000,000 megawatt hours of electricity per year.

The term Program means the Rural and Municipal Utility Advanced Cybersecurity Grant and Technical Assistance Program established under subsection (b).

The Secretary shall maintain a program, to be known as the Rural and Municipal Utility Advanced Cybersecurity Grant and Technical Assistance Program, to provide technical assistance and award funding, including grants, cooperative agreements, and prizes, to eligible entities to protect against, detect, respond to, and recover from cybersecurity threats.

The objectives of the Program shall be—

(1) to deploy advanced cybersecurity technologies for electric utility systems; and

(2) to increase the participation of eligible entities in cybersecurity threat information sharing programs.

In carrying out the Program, the Secretary—

(A) shall, subject to the availability of appropriations, provide technical assistance, and award funding, including grants, cooperative agreements, and prizes, to eligible entities on a competitive or noncompetitive basis;

(B) shall develop criteria for providing such technical assistance and awarding such funding;

(C) may enter into agreements that can facilitate the objectives described in subsection (c) with eligible entities to provide technical assistance or award funding, including grants, cooperative agreements, and prizes; and

(D) shall establish a process to ensure, to the extent practicable, that all eligible entities are informed about opportunities to receive technical assistance or funding, including grants, cooperative agreements, and prizes.

In providing technical assistance and awarding funding, including grants, cooperative agreements, and prizes, under the Program, the Secretary shall give priority to an eligible entity that, as determined by the Secretary—

(A) has limited cybersecurity resources;

(B) owns assets critical to the reliability of the bulk-power system; or

(C) owns or operates defense critical electric infrastructure.

Information shared by or with the Federal Government or a State, Tribal, or local government under the Program shall be deemed voluntarily shared information and exempt from disclosure under section 552 of title 5, United States Code (commonly known as the Freedom of Information Act), or any provision of any State, Tribal, or local freedom of information law, open government law, open meetings law, open records law, sunshine law, or similar law requiring the disclosure of information or records.

There is authorized to be appropriated to the Secretary to carry out this section $250,000,000 for the period of fiscal years 2026 through 2030.