HR 2105 115th Congress House Science, Technology, Communications Computer security and identity theft Government information and archives Infrastructure development Small business

NIST Small Business Cybersecurity Act

Introduced: April 20, 2017 Introduced by: Webster, Daniel Republican · Florida See on congress.gov

Everywhere this bill has been 11 steps

Introduced

In committee

Reported out

Passed House

Passed Senate

To President

Became law

Oct 16, 2017

Received in the Senate and Read twice and referred to the Committee on Commerce, Science, and Transportation.

Oct 11, 2017

Motion to reconsider laid on the table Agreed to without objection.

Oct 11, 2017

On motion to suspend the rules and pass the bill, as amended Agreed to by voice vote. (text: CR H7936-7937)

Oct 11, 2017

Passed/agreed to in House: On motion to suspend the rules and pass the bill, as amended Agreed to by voice vote.(text: CR H7936-7937)

Oct 11, 2017

DEBATE - The House proceeded with forty minutes of debate on H.R. 2105.

Oct 11, 2017

Considered under suspension of the rules. (consideration: CR H7936-7939)

Oct 11, 2017

Mr. Webster (FL) moved to suspend the rules and pass the bill, as amended.

May 2, 2017

Ordered to be Reported (Amended) by Voice Vote.

May 2, 2017

Committee Consideration and Mark-up Session Held.

Apr 20, 2017

Referred to the House Committee on Science, Space, and Technology.

Apr 20, 2017

Introduced in House

Plain-English summary Congressional Research Service

NIST Small Business Cybersecurity Act

(Sec. 2) This bill amends the National Institute of Standards and Technology Act to require the National Institute of Standards and Technology (NIST) to consider small businesses when it facilitates and supports the development of voluntary, consensus-based, industry-led guidelines and procedures to cost-effectively reduce cyber risks to critical infrastructure.

NIST must consult with other federal agencies to disseminate, and publish on its website, standard and method resources that small business may use voluntarily to help identify, assess, manage, and reduce their cybersecurity risks. The resources must: (1) include case studies of practical application, (2) be based on international standards to the extent possible, (3) be able to vary with the nature and size of the implementing small business and the sensitivity of the data collected or stored on the information systems, (4) be capable of promoting awareness of third-party stakeholder relationships to assist small businesses in mitigating common cybersecurity risks, and (5) be consistent with the national cybersecurity awareness and education program under the Cybersecurity Enhancement Act of 2014.

Other federal agencies may elect to publish the resources on their own websites.

What's happening now October 16, 2017

Received in the Senate and Read twice and referred to the Committee on Commerce, Science, and Transportation.

Committees of jurisdiction 2