The Combat Emerging Threats to Critical Infrastructure Act would direct CISA to work with sector risk management agencies to update these plans within a year of enactment. Also requires CISA to reassess those plans every two years, and issue revised versions for Congress.