HR5079-119

Introduced

To reauthorize the Cybersecurity Act of 2015, and for other purposes.

119th Congress Introduced Sep 2, 2025

Analysis under review: This bill has generated analysis that may be too generic or incomplete. Clause-level evidence remains available below.

Summary

The Widespread Information Management for the Welfare of Infrastructure and Government Act (WIM-WIG Act) reauthorizes the Cybersecurity Act of 2015 for another ten years (through 2035). It updates the law to address modern threats including ransomware and network prepositioning attacks, and explicitly allows the use of AI tools developed for cybersecurity purposes. The bill requires DHS to conduct outreach to help small and rural critical infrastructure operators understand how to share cyber threat information, and mandates biennial Congressional threat reports. It expands the types of technologies covered (including edge devices and IoT) and strengthens information-sharing protections between the government and private sector.

Evidence Chain:

This summary is generated from the full bill text using AI analysis. Expand "Detailed Analysis" below for identified beneficiaries/burden bearers.

At a Glance

What This Bill Does

Reauthorizes the Cybersecurity Act of 2015 through 2035, updates cybersecurity information-sharing frameworks between government and private sector, adds AI-related definitions and provisions, expands critical infrastructure protections including ransomware and prepositioning threats, and strengthens outreach to small and rural infrastructure operators.

Key Policy Areas

Technology, Defense, Government Operations

Primary Purpose

Reauthorizes the Cybersecurity Act of 2015 through 2035, updates cybersecurity information-sharing frameworks between government and private sector, adds AI-related definitions and provisions, expands critical infrastructure protections including ransomware and prepositioning threats, and strengthens outreach to small and rural infrastructure operators.

Policy Domains

Technology Defense Government Operations

Whole Bill - Cybersecurity Act Reauthorization and Modernization

Identified Gains
Contextual inference, no direct clause citation
  • Critical infrastructure operators (especially small and rural)
  • Cybersecurity industry and AI-for-cybersecurity companies
  • Sector Risk Management Agencies
  • Federal government cybersecurity posture
Model: claude-opus-4 | Version: bill_summary_v2 | Source: ih

Contextual inference, no direct clause citation

Identified Costs
Contextual inference, no direct clause citation
  • DHS (expanded outreach and reporting mandates)
  • Federal entities sharing cyber threat indicators (updated compliance procedures)
  • Entities handling personal information in shared threat indicators
Model: claude-opus-4 | Version: bill_summary_v2 | Source: ih

Contextual inference, no direct clause citation

Legislative Progress

Introduced
Introduced Committee Passed
Sep 2, 2025

Mr. Garbarino (for himself and Mr. McCaul) introduced the following …

Impact analysis is available but no clear stakeholder effects identified. View clause-level analysis →

Bill Structure & Actor Mappings

Who is "The Secretary" in each section?

Domains
Technology Defense
Actor Mappings
"the_secretary"
→ Secretary of Homeland Security
"the_attorney_general"
→ Attorney General

Key Definitions

Terms defined in this bill

3 terms
"Artificial intelligence" §2(a)(1)(B)-4

Has the meaning given in section 5002 of the National Artificial Intelligence Initiative Act of 2020 (15 U.S.C. 9401).

"Critical infrastructure" §2(a)(1)(B)-5

Has the meaning given in section 1016(e) of Public Law 107-56 (42 U.S.C. 5195c(e)).

"Sector Risk Management Agency" §2(a)(1)(C)-18

Has the meaning given in section 2200 of the Homeland Security Act of 2002 (6 U.S.C. 650).

We use a combination of our own taxonomy and classification in addition to large language models to assess meaning and potential beneficiaries. High confidence means strong textual evidence. Always verify with the original bill text.

Learn more about our methodology