6 USC 665m – President’s Cup Cybersecurity Competition
(a) In general
The Director of the Cybersecurity and Infrastructure Security Agency (in this section referred to as the “Director”) of the Department of Homeland Security is authorized to hold an annual cybersecurity competition to be known as the “Department of Homeland Security Cybersecurity and Infrastructure Security Agency’s President’s Cup Cybersecurity Competition” (in this section referred to as the “competition”) for the purpose of identifying, challenging, and competitively awarding prizes, including cash prizes, to the United States Government’s best cybersecurity practitioners and teams across offensive and defensive cybersecurity disciplines.
(b) Eligibility
Terms Used In 6 USC 665m
- Contract: A legal written agreement that becomes binding when signed.
- Fiscal year: The fiscal year is the accounting period for the government. For the federal government, this begins on October 1 and ends on September 30. The fiscal year is designated by the calendar year in which it ends; for example, fiscal year 2006 begins on October 1, 2005 and ends on September 30, 2006.
- individual: shall include every infant member of the species homo sapiens who is born alive at any stage of development. See 1 USC 8
- State: means a State, the District of Columbia, the Commonwealth of Puerto Rico, or any other territory or possession of the United States. See 1 USC 7
To be eligible to participate in the competition, an individual shall be a Federal civilian employee or member of the uniformed services (as such term is defined in section 2101(3) of title 5) and shall comply with any rules promulgated by the Director regarding the competition.
(c) Competition administration
The Director may enter into a grant, contract, cooperative agreement, or other agreement with a private sector for-profit or nonprofit entity or State or local government agency to administer the competition.
(d) Competition parameters
Each competition shall incorporate the following elements:
(1) Cybersecurity skills outlined in the National Initiative for Cybersecurity Education Framework, or any successor framework.
(2) Individual and team events.
(3) Categories demonstrating offensive and defensive cyber operations, such as software reverse engineering and exploitation, network operations, forensics, big data analysis, cyber analysis, cyber defense, cyber exploitation, secure programming, obfuscated coding, or cyber-physical systems.
(4) Any other elements related to paragraphs (1), (2), or (3), as determined necessary by the Director.
(e) Use of funds
(1) In general
In order to further the goals and objectives of the competition, the Director may use amounts made available to the Director for the competition for reasonable expenses for the following:
(A) Advertising, marketing, and promoting the competition.
(B) Meals for participants and organizers of the competition if attendance at the meal during the competition is necessary to maintain the integrity of the competition.
(C) Promotional items, including merchandise and apparel.
(D) Consistent with section 4503 of title 5, necessary expenses for the honorary recognition of competition participants, including members of the uniformed services.
(E) Monetary and nonmonetary awards for competition participants, including members of the uniformed services, subject to subsection (f).
(2) Application
This subsection shall apply to amounts appropriated on or after December 23, 2022.
(f) Prize limitation
(1) Awards by the Director
The Director may make one or more awards per competition, except that the amount or value of each shall not exceed $10,000.
(2) Awards by the Secretary of Homeland Security
The Secretary of Homeland Security may make one or more awards per competition, except the amount or the value of each shall not exceed $25,000.
(3) Regular pay
A monetary award under this section shall be in addition to the regular pay of the recipient.
(4) Overall yearly award limit
The total amount or value of awards made under this Act 1 during a fiscal year may not exceed $100,000.
(g) Reporting requirements
The Director shall annually provide to the Committee on Homeland Security of the House of Representatives and the Committee on Homeland Security and Governmental Affairs of the Senate a report that includes the following with respect to each competition conducted in the preceding year:
(1) A description of available amounts.
(2) A description of authorized expenditures.
(3) Information relating to participation.
(4) Information relating to lessons learned, and how such lessons may be applied to improve cybersecurity operations and recruitment of the Cybersecurity and Infrastructure Security Agency of the Department of Homeland Security.