skip to main content

H.R. 4055: American Cybersecurity Literacy Act


The text of the bill below is as of Jun 22, 2021 (Introduced).


I

117th CONGRESS

1st Session

H. R. 4055

IN THE HOUSE OF REPRESENTATIVES

June 22, 2021

(for himself, Mr. Bilirakis, Ms. Eshoo, Mr. Veasey, and Ms. Houlahan) introduced the following bill; which was referred to the Committee on Energy and Commerce

A BILL

To establish a cybersecurity literacy campaign, and for other purposes.

1.

Short title

This Act may be cited as the American Cybersecurity Literacy Act.

2.

Sense of Congress

It is the sense of the Congress that the United States has a national security and economic interest in promoting cybersecurity literacy amongst the general public.

3.

Establishment of cybersecurity literacy campaign

(a)

In general

The Assistant Secretary for Communications and Information shall develop and conduct a cybersecurity literacy campaign to increase the knowledge and awareness of the American people of best practices to reduce cybersecurity risks.

(b)

Campaign

To reduce cybersecurity risks, the Assistant Secretary shall—

(1)

identify the critical areas of an IT system that present cybersecurity risks and educate American people on how to prevent and mitigate such attacks by—

(A)

instructing American people on how to identify—

(i)

phishing emails; and

(ii)

secure websites;

(B)

instructing American people on the need to change default passwords on hardware and software technology;

(C)

encouraging the use of cybersecurity tools, including—

(i)

multi-factor authentication;

(ii)

complex passwords;

(iii)

firewalls; and

(iv)

anti-virus software;

(D)

identifying the devices that could pose possible cybersecurity risks, including—

(i)

personal computers;

(ii)

smartphones;

(iii)

tablets;

(iv)

Wi-Fi routers; and

(v)

smart home appliances;

(E)

encouraging Americans to—

(i)

regularly review mobile application permissions;

(ii)

decline privilege requests from mobile applications that are unnecessary;

(iii)

download applications only from trusted vendors or sources; and

(iv)

connect internet of things or devices to a separate and dedicated network; and

(F)

identifying the potential cybersecurity risks of using publicly available Wi-Fi networks and the methods a user may utilize to limit such risks; and

(2)

direct American people and businesses to Federal resources to help mitigate the cybersecurity risks identified in this subsection.