arrow_back Civic Audit
Share share

Enhanced Cybersecurity Reporting for Small Business Administration

New rules require the Small Business Administration (SBA) to regularly report on its cybersecurity status. This aims to protect the data of citizens and small businesses using SBA services by increasing transparency and accountability in digital security. In case of serious incidents, the SBA will have to quickly inform Congress and affected parties.
Key points
The SBA will annually assess and report on its digital security, including threats and attacks.
In the event of a serious cyberattack, the SBA must notify Congress within 7 days and provide a detailed report within 30 days.
Reports will include information on the number of affected individuals and businesses, and plans to notify them of the incident.
article Official text account_balance Process page notifications_active Track this Bill
gavel
Status:
Expired
Record your position for audit.
Why does your vote on bills matter?
It creates raw, undeniable proof. Civic Will provides the permanent data to verify the Government's loyalty towards its citizens (explained here). Start recording it now.
Additional Information
Print number: 117_S_1691
Sponsor: Sen. Rubio, Marco [R-FL]
Process start date: 2021-05-18
System Note: Lustra is free, publicly auditable civic infrastructure, with full source code available on GitHub. You are reading sterilized legislative data, processed by our radical neutrality engine to strip political spin and retain factual mechanics. We process only official government data. Original documents remain the authoritative source, always verify them if you can.
Summarized by: gemini-2.5-flash-preview-05-20
Source data: api.congress.gov
AI work logs for this document launch

OFFICIAL LEGAL TITLE

SBA Cyber Awareness Act

FREQUENTLY ASKED QUESTIONS

What is the official ID of this bill?

The official print number for this legislation is 117_S_1691.

Which chamber initiated this legislation?

This legislation was initiated in the Senate.

When did the legislative process begin?

The process officially started on 2021-05-18.

What are the main provisions?

Key points include:

  • The SBA will annually assess and report on its digital security, including threats and attacks.
  • In the event of a serious cyberattack, the SBA must notify Congress within 7 days and provide a detailed report within 30 days.
  • Reports will include information on the number of affected individuals and businesses, and plans to notify them of the incident.
What is the specific legal status?

The current status is Expired.

Where can I read the full text of this legislation?

The full official text is available at: View full text

Who is the primary sponsor?

The primary sponsor is Sen. Rubio, Marco [R-FL].

What is the latest detailed status?

The latest detailed status is: Introduced in Senate

Is this summary verified?

Yes. This content was analyzed by AI and verified by the Lustra Judge System on 2025-12-29.

What is the impact of this bill?

We don't know, that is up to you to decide. Summarizing raw data with AI is fundamentally different from predicting socio-economic outcomes. As of 2026, we believe impact assessment strictly requires a human in the loop to verify and judge.

CATEGORIES

Informatization Security Economy