James Comer said "Mr. Speaker, I move to suspend the rules and pass the bill (H.R. 872) to require covered contractors implement a vulnerability disclosure policy consistent with NIST guidelines, and for other purposes, as amended. The Clerk read the title of the bill. The text of the bill is as follows: H.R. 872 Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled, SECTION 1. SHORT TITLE. This Act may be cited as the ``Federal Contractor Cybersecurity Vulnerability Reduction Act of 2025''. SEC. 2. FEDERAL CONTRACTOR VULNERABILITY DISCLOSURE POLICY. (a) Recommendations.-- (1) In general.--Not later than 180 days after the date of the enactment of this Act, the Director of the Office of Management and Budget, in consultation with the Director of the Cybersecurity and Infrastructure Security Agency, the National Cyber Director, the Director of the National Institute of Standards and Technology, and any other appropriate head of an Executive department, shall-- (A) review the Federal Acquisition Regulation contract requirements and language for contractor vulnerability disclosure programs; and (B) recommend updates to such requirements and language to the Federal Acquisition Regulation Council.…" @ PoliticalQuotes.com

On the recordMarch 3, 2025

Mr. Speaker, I move to suspend the rules and pass the bill (H.R. 872) to require covered contractors implement a vulnerability disclosure policy consistent with NIST guidelines, and for other purposes, as amended. The Clerk read the title of the bill. The text of the bill is as follows: H.R. 872 Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled, SECTION 1. SHORT TITLE. This Act may be cited as the ``Federal Contractor Cybersecurity Vulnerability Reduction Act of 2025''. SEC. 2. FEDERAL CONTRACTOR VULNERABILITY DISCLOSURE POLICY. (a) Recommendations.-- (1) In general.--Not later than 180 days after the date of the enactment of this Act, the Director of the Office of Management and Budget, in consultation with the Director of the Cybersecurity and Infrastructure Security Agency, the National Cyber Director, the Director of the National Institute of Standards and Technology, and any other appropriate head of an Executive department, shall-- (A) review the Federal Acquisition Regulation contract requirements and language for contractor vulnerability disclosure programs; and (B) recommend updates to such requirements and language to the Federal Acquisition Regulation Council.…

Said by

James Comer

Republican · Kentucky

Source

govinfo.gov

Share & report

Share on X Share on Facebook Email this quote