3.0.0 1258 2025-05-06T13:51:06Z 2025-05-06T13:51:06Z House H HR 2025-02-12 119 <pre>[Congressional Record Volume 171, Number 29 (Wednesday, February 12, 2025)][House]From the Congressional Record Online through the Government Publishing Office [<a href="https://www.gpo.gov">www.gpo.gov</a>]By Mr. LIEU:H.R. 1258.Congress has the power to enact this legislation pursuantto the following:U.S. Const., Art. 1, Sec. 8[Page H677]</pre> hsgo00 Oversight and Government Reform Committee House Standing Referred To 2025-02-12T15:01:10Z 2025-02-12 Referred to the House Committee on Oversight and Government Reform. IntroReferral H11100 2 House floor actions hsgo00 Oversight and Government Reform Committee 2025-02-12 Introduced in House IntroReferral Intro-H 9 Library of Congress 2025-02-12 Introduced in House IntroReferral 1000 9 Library of Congress L000582 Rep. Lieu, Ted [D-CA-36] Ted Lieu D CA 36 N Government Operations and Politics Computers and information technology 2025-05-02T15:11:57Z Government information and archives 2025-05-02T15:12:04Z Public contracts and procurement 2025-05-02T15:11:52Z Government Operations and Politics 2025-03-31T14:44:56Z

00 2025-02-12 Introduced in House 2025-05-06T13:44:02Z <p><strong>Improving Contractor Cybersecurity Act</strong></p><p>This bill prohibits an executive agency from entering into a contract for information technology unless the contractor maintains a vulnerability disclosure policy (VDP) and program.</p><p>The contractor must report to the Cybersecurity and Infrastructure Security Agency (CISA) of the Department of Homeland Security, within seven days after the VDP is published&nbsp;and on an ongoing basis as vulnerability reports are received, information regarding</p><ul><li>any valid or credible report of a not previously known public vulnerability on a system that uses commercial software or services that affect, or are likely to affect, other parties in government or industry once a patch or viable mitigation is available; and</li><li>any other situation where the contractor determines it would be helpful or necessary to involve CISA.</li></ul><p>CISA must submit vulnerabilities to the MITRE Common Vulnerabilities and Exposures database and the National Institute of Standards and Technology National Vulnerability Database.</p>

Display Title 45 2025-03-14T14:08:21Z Short Title(s) as Introduced 101 2025-03-14T14:08:21Z Introduced in House IH Official Title as Introduced 6 2025-03-14T14:03:20Z Introduced in House IH Introduced in House 2025-02-12T05:00:00Z https://www.govinfo.gov/content/pkg/BILLS-119hr1258ih/xml/BILLS-119hr1258ih.xml 2025-02-12 Referred to the House Committee on Oversight and Government Reform. text/xml EN Pursuant to Title 17 Section 105 of the United States Code, this file is not subject to copyright protection and is in the public domain. Congressional Research Service, Library of Congress This file contains bill summaries and statuses for federal legislation. A bill summary describes the most significant provisions of a piece of legislation and details the effects the legislative text may have on current law and federal programs. Bill summaries are authored by the Congressional Research Service (CRS) of the Library of Congress. As stated in Public Law 91-510 (2 USC 166 (d)(6)), one of the duties of CRS is "to prepare summaries and digests of bills and resolutions of a public general nature introduced in the Senate or House of Representatives". For more information, refer to the User Guide that accompanies this file.