Ask AI
Bill117th CongressFiled Jul 27, 2021Science, Technology, Communications
S. 2483

Improving Cybersecurity of Small Businesses, Nonprofits, and Local Governments Act of 2021

Bill journey · stage 2 of 5

Under committee review

Filed
Comm.
Floor
Both
Law

What it doesSummary reported to senate (Dec 5, 2022)

Improving Cybersecurity of Small Businesses, Nonprofits, and Local Governments Act of 2021

This bill requires reporting and other efforts to improve the cybersecurity of small entities. These include small businesses, governments (or certain governmental bodies) that represent populations of less than 50,000, and small nonprofits.

Specifically, the Cybersecurity and Infrastructure Security Agency (CISA) must periodically report on and make recommendations about cybersecurity policies and controls for small entities. CISA, the Small Business Administration (SBA), and the Minority Business Development Agency must (1) promote the report, including by making it available through their respective websites; and (2) make voluntary training and technical assistance available to employees of small entities concerning cybersecurity recommendations identified in the report.

In addition, the Department of Commerce must report to Congress about improving the cybersecurity of small entities. Further, the SBA must collect information from small businesses concerning cybersecurity matters and report to Congress about the cybersecurity of small businesses.

What just happenedDec 5, 2022

Placed on Senate Legislative Calendar under General Orders. Calendar No. 573.

Who’s behind it

Sen. Rosen, Jacky [D-NV](D-NV)Sponsor
3 cosponsors2 D1 R
Read on Congress.gov
3cosponsors1committees6actions1related bills7subjects
  1. Dec 5, 2022Calendars

    Placed on Senate Legislative Calendar under General Orders. Calendar No. 573.

  2. Dec 5, 2022Committee

    Committee on Homeland Security and Governmental Affairs. Reported by Senator Peters with an amendment in the nature of a substitute. With written report No. 117-217.

    Homeland Security and Governmental Affairs Committee
  3. Dec 5, 2022Committee14000

    Committee on Homeland Security and Governmental Affairs. Reported by Senator Peters with an amendment in the nature of a substitute. With written report No. 117-217.

    Homeland Security and Governmental Affairs Committee
  4. Feb 2, 2022Committee

    Committee on Homeland Security and Governmental Affairs. Ordered to be reported with an amendment in the nature of a substitute favorably.

    Homeland Security and Governmental Affairs Committee
  5. Jul 27, 2021IntroReferral

    Read twice and referred to the Committee on Homeland Security and Governmental Affairs.

    Homeland Security and Governmental Affairs Committee
  6. Jul 27, 2021IntroReferral10000

    Introduced in Senate

Reported to SenateDec 5, 202225

Improving Cybersecurity of Small Businesses, Nonprofits, and Local Governments Act of 2021

This bill requires reporting and other efforts to improve the cybersecurity of small entities. These include small businesses, governments (or certain governmental bodies) that represent populations of less than 50,000, and small nonprofits.

Specifically, the Cybersecurity and Infrastructure Security Agency (CISA) must periodically report on and make recommendations about cybersecurity policies and controls for small entities. CISA, the Small Business Administration (SBA), and the Minority Business Development Agency must (1) promote the report, including by making it available through their respective websites; and (2) make voluntary training and technical assistance available to employees of small entities concerning cybersecurity recommendations identified in the report.

In addition, the Department of Commerce must report to Congress about improving the cybersecurity of small entities. Further, the SBA must collect information from small businesses concerning cybersecurity matters and report to Congress about the cybersecurity of small businesses.

Introduced in SenateJul 27, 2021

Improving Cybersecurity of Small Organizations Act of 2021

This bill requires the Cybersecurity and Infrastructure Security Agency (CISA) to maintain and promote cybersecurity guidance for use by small organizations.

Specifically, the bill requires CISA to maintain cybersecurity guidance that documents and promotes evidence-based cybersecurity policies and controls for use by small organizations to improve their cybersecurity. This guidance must be publicly available at no cost, and CISA, the Small Business Administration (SBA), and the Department of Commerce must promote the guidance through relevant resources that are regularly used by small organizations.

Commerce must report on methods of incentivizing small organizations to improve their cybersecurity, including through the adoption of policies, controls, products, and services that have been demonstrated to reduce cybersecurity risk. Every two years, the SBA must submit and make publicly available specified data on the state of small businesses' cybersecurity.

Improving Cybersecurity of Small Businesses, Nonprofits, and Local Governments Act of 2021 — Informed