Cybersecurity Legislation in the 117th Congress

Download House Catalogue
Download Senate Catalogue

CSIS has compiled a list of cybersecurity legislation from the 117th Congress. These were categorized according to the bill’s provisions. The tags include workforce, capacity building, funding, risk assessment, and organization. An appendix on the cybersecurity provisions in the National Defense Authorization Act for Fiscal Year 2022 is forthcoming. If you have suggestions for updated information or additions, please send them to

Overall: We found 96 pieces of legislation in the House of Representatives, 61 in the Senate, for a total of 157 across Congress. Risk assessment is the most popular category for both chambers.

Workforce: aims to expand the current cybersecurity workforce. 

  • 41 bills created mechanisms for workforce enhancement. 27 in the House and 14 in the Senate. 

Capacity building: advances cybersecurity capabilities. 

  • 76 bills addressed capacity building. 47 in the House and 29 in the Senate. 

Funding: allocates a specified number of funds towards cybersecurity measures. 

  • 58 bills included funding allocation. 34 in the House and 24 in the Senate. 

Risk assessment: analyzes potential cybersecurity vulnerabilities, often creating reports or briefings to relevant stakeholders. 

  • 102 bills created a risk assessment. 61 in the House and 41 in the Senate. 

Organization: updates current federal structure, such as position terms, establishing programs or agencies, or allowing for the sharing of information between departments. 

  • 65 bills updated the federal organizational structure. 35 in the House and 30 in the Senate.
Georgia Wood

Georgia Wood

Former Program Manager and Research Associate, Strategic Technologies Program