119 S4699 IS: Guaranteeing Universal Access to Cybersecurity Act U.S. Senate 2026-06-08 text/xml EN Pursuant to Title 17 Section 105 of the United States Code, this file is not subject to copyright protection and is in the public domain.

II119th CONGRESS2d SessionS. 4699IN THE SENATE OF THE UNITED STATESJune 8, 2026Mr. Warner introduced the following bill; which was read twice and referred to the Committee on Homeland Security and Governmental AffairsA BILLTo restore funding to the Multi-State Information Sharing and Analysis Center, and for other purposes.

1.

Short title

This Act may be cited as the Guaranteeing Universal Access to Cybersecurity Act.

2.

Restoration of funding for the Multi-State Information Sharing and Analysis Center

Section 2209 of the Homeland Security Act of 2002 (6 U.S.C. 659) is amended by adding at the end the following:(t)

Multi-State Information Sharing and Analysis Center

(1)

Cooperative agreement

(A)

In general

The Director shall enter into a cooperative agreement with the operator of the Multi-State Information Sharing and Analysis Center to provide Federal support for—(i)cybersecurity services;(ii)cyber threat intelligence collection and dissemination; and(iii)technical assistance to SLTT entities.(B)

Requirements

Any cooperative agreement entered into under subparagraph (A) shall require the operator of the Multi-State Information Sharing and Analysis Center to—(i)provide no-cost membership and access to core cybersecurity services, including cyber threat intelligence products, real-time indicator feeds, and incident response support, to all SLTT entities that apply for membership in the Multi-State Information Sharing and Analysis Center;(ii)prioritize outreach to and enrollment of SLTT entities that—(I)lack dedicated cybersecurity staff;(II)operate on limited budgets; or(III)have been identified as covered entities, as defined in section 2240 of the Homeland Security Act of 2002 (6 U.S.C. 681);(iii)maintain interoperability and data-sharing arrangements with the Agency, the Federal Bureau of Investigation, and other relevant Federal agencies for the purposes of enhancing the national cyber threat intelligence ecosystem; and(iv)submit annual reports to the Director and to the appropriate congressional committees on—(I)membership levels of the Multi-State Information Sharing and Analysis Center;(II)threat intelligence activities;(III)significant cyber incidents affecting SLTT entities; and(IV)the efficacy of outreach to under-resourced SLTT entities.(2)

CISA and Multi-State Information Sharing and Analysis Center plan for SLTT assistance

(A)

In general

Not later than 60 days after the date of enactment of the Guaranteeing Universal Access to Cybersecurity Act, the Director, in coordination with the operator of the Multi-State Information Sharing and Analysis Center, shall develop and implement a plan to—(i)(I)identify SLTT entities and owners and operators of critical infrastructure that previously held membership in the Multi-State Information Sharing and Analysis Center and have not enrolled in the Multi-State Information Sharing and Analysis Center under the fee-based membership model; and(II)conduct targeted outreach to restore participation by those SLTT entities and owners and operators of critical infrastructure in the Multi-State Information Sharing and Analysis Center;(ii)(I)identify SLTT entities and owners and operators of critical infrastructure that previously held membership in the Multi-State Information Sharing and Analysis Center and are enrolled in the Multi-State Information Sharing and Analysis Center under the fee-based membership model; and(II)conduct targeted outreach to retain participation by those SLTT entities and owners and operators of critical infrastructure in the Multi-State Information Sharing and Analysis Center;(iii)(I)identify SLTT entities and owners and operators of critical infrastructure that have never held membership in the Multi-State Information Sharing and Analysis Center and that face elevated cyber risk due to limited cybersecurity resources; and(II)conduct targeted outreach to encourage participation by those SLTT entities and owners and operators of critical infrastructure in the Multi-State Information Sharing and Analysis Center; and(iv)provide technical assistance and cybersecurity capacity-building support to SLTT entities identified under clauses (i)(I) and (ii)(I), including through partnerships with cyber-capable governments and entities.(B)

Report

Not later than 1 year after the date of enactment of the Guaranteeing Universal Access to Cybersecurity Act, the Director shall submit to the appropriate congressional committees a report on the implementation of this paragraph, including—(i)the number of SLTT entities re-enrolled in the Multi-State Information Sharing and Analysis Center;(ii)the number of new members enrolled in the Multi-State Information Sharing and Analysis Center since the date of enactment of the Guaranteeing Universal Access to Cybersecurity Act; and(iii)any barriers to participation in the Multi-State Information Sharing and Analysis Center that remain as of the date of the report.(3)

Appropriations

There is appropriated to carry out this subsection $50,000,000 for fiscal year 2027 and each fiscal year thereafter, to remain available until expended..