Skip to content
Govbase
Govbase
Congress·Passed House·H.R. 872

Federal Contractor Cybersecurity Vulnerability Reduction Act of 2025

House Passes Bill Requiring Federal Contractors to Adopt Cybersecurity Disclosure Policies

over 1 year ago·View on Congress.gov·Read full text

The House of Representatives passed this bill, and it has now moved to the Senate for further review. It is currently waiting for the Senate Committee on Homeland Security and Governmental Affairs to consider it. The bill is actively moving through the legislative process.

Legislative Progress

House
Senate
President
Law
Likely to pass

This bill has already passed the House with broad support and addresses a non-partisan issue by building on existing cybersecurity standards.

Key Points

Technology DigitalNational Security Foreign Policy

Impact Analysis

Personal Impact

Small businesses that hold federal contracts above the simplified acquisition threshold (currently $250,000) will need to implement formal vulnerability disclosure policies. This adds compliance costs and administrative burden, but many larger small-business contractors may already follow similar practices. Companies that manage federal information systems face the same requirements regardless of contract size.

2
3
2
5
0
ImpactCertaintyScopeDurationSentiment

Milestones

3 milestones9 actions
Mar 4, 2025Senate

Received in the Senate and Read twice and referred to the Committee on Homeland Security and Governmental Affairs.

Sent to a congressional committee for expert review. The committee decides whether this bill moves forward.

Mar 3, 2025House

Motion to reconsider laid on the table Agreed to without objection.

Mar 3, 2025House

On motion to suspend the rules and pass the bill, as amended Agreed to by voice vote. (text: CR H930-931)

The House fast-tracked this bill — limited debate, no amendments allowed, but needs two-thirds support to pass.

Mar 3, 2025

Passed/agreed to in House: On motion to suspend the rules and pass the bill, as amended Agreed to by voice vote. (text: CR H930-931)

The House fast-tracked this bill — limited debate, no amendments allowed, but needs two-thirds support to pass.

Mar 3, 2025House

DEBATE - The House proceeded with forty minutes of debate on H.R. 872.

Votes

No votes have been recorded for this legislation yet.

Related News

2 articles
Should Contractors Disclose Vulnerabilities to Get Government Work?
scworld.com logoSC World·over 1 year ago

Should Contractors Disclose Vulnerabilities to Get Government Work?

The U.S. House passed a bill requiring all federal contractors to submit a vulnerability disclosure program to qualify for government contracts. The bill has strong support from the security industry, including companies like Microsoft and HackerOne.

Center
U.S. senators introduce bipartisan bill to strengthen federal contractor cybersecurity standards
industrialcyber.co logoIndustrial Cyber·about 1 year ago

U.S. senators introduce bipartisan bill to strengthen federal contractor cybersecurity standards

Senators Mark Warner and James Lankford introduced the Senate version of the Federal Contractor Cybersecurity Vulnerability Reduction Act. The bill requires the OMB to oversee updates to the Federal Acquisition Regulation to mandate vulnerability disclosure policies.

Center

Related Bills

1 bill
H.R. 8800Related bill

National Defense Authorization Act for Fiscal Year 2027

Jun 15Placed on the Union Calendar, Calendar No. 606.

Source Information

Document Type

Congressional Bill

Official Title

Federal Contractor Cybersecurity Vulnerability Reduction Act of 2025

Bill NumberHR 872
Congress119th Congress
ChamberHouse of Representatives
Latest ActionReceived in the Senate and Read twice and referred to the Committee on Homeland Security and Governmental Affairs.
Read Full Bill Text

Sponsor

Cosponsors

(1)
D: 1

Analysis generated by AI. Always verify with official sources.