HR8880-119

Reported

Small Business Cybersecurity Assistance Evaluation Act of 2026

119th Congress Introduced May 19, 2026

Summary

What This Bill Does

The Small Business Cybersecurity Assistance Evaluation Act of 2026 requires the Comptroller General to study federal cybersecurity initiatives, programs, resources, tools, and services intended to help small business owners identify cyber risks, assess preparedness, mitigate and recover from cyberattacks, address scams and fraud, and find capital for cybersecurity work. The study must identify common cyberattacks affecting small firms, describe federal resources, assess awareness and use, evaluate coordination and integration, judge effectiveness, identify missing foundational cybersecurity concepts, and recommend improvements.

The GAO report must go to the House and Senate small-business committees. A separate CUTGO section says no additional amounts are authorized to carry out the Act, so agencies must absorb the study work within existing resources.

Who Benefits and How

Small business owners benefit from a federal review focused on whether existing cybersecurity help is visible, usable, and effective. GAO auditors benefit from a clear study mandate. Congressional small-business committees benefit from recommendations on coordination, awareness, and capital access. Federal cybersecurity program managers benefit from an evidence base on gaps in existing tools. Small firms targeted by scams and social engineering benefit if federal resources are improved after the study.

Who Bears the Burden and How

GAO must perform the study and write the report without new authorization of funds. Federal cybersecurity initiative managers must provide information on programs, tools, awareness, and effectiveness. SBA and other agencies may have to respond to coordination findings. Small business outreach offices may face pressure to improve awareness. Existing agency budgets must absorb implementation costs.

Key Provisions

  • Requires GAO to study federal cybersecurity assistance for small businesses.
  • Requires assessment of awareness, use, coordination, effectiveness, and missing foundational cybersecurity concepts.
  • Directs recommendations to improve federal cybersecurity resources for small firms.
  • Requires the report to go to House and Senate small-business committees.
  • Bars additional funding authorization for carrying out the Act.

Evidence Chain:

This summary is generated from the full bill text using AI analysis. Expand "Detailed Analysis" below for identified beneficiaries/burden bearers with clause-level evidence links.

At a Glance

What This Bill Does

Requires GAO to study federal cybersecurity initiatives for small businesses, including awareness, use, coordination, effectiveness, missing foundational concepts, capital access, and recommendations, while authorizing no additional funding.

Key Policy Areas

Small Business, Cybersecurity, GAO, Federal Programs

Primary Purpose

Requires GAO to study federal cybersecurity initiatives for small businesses, including awareness, use, coordination, effectiveness, missing foundational concepts, capital access, and recommendations, while authorizing no additional funding.

Policy Domains

Small Business Cybersecurity GAO Federal Programs

House resolution provisions

Identified Gains
  • Small business owners
  • GAO auditors
  • Congressional small business committees
  • Federal cybersecurity program managers
  • Small firms targeted by scams
Model: codex-gpt-5 | Version: bill_summary_v2 | Source: ih
GAO auditors: ,
Small business owners: ,
Small firms targeted by scams: ,
Federal cybersecurity program managers: ,
Congressional small business committees: ,
Identified Costs
  • GAO
  • Federal cybersecurity initiative managers
  • SBA cybersecurity staff
  • Small business outreach offices
  • Existing agency budgets
Model: codex-gpt-5 | Version: bill_summary_v2 | Source: ih
GAO: ,
Existing agency budgets: ,
SBA cybersecurity staff: ,
Small business outreach offices: ,
Federal cybersecurity initiative managers: ,

Legislative Progress

Reported
Introduced Committee Passed
Jun 3, 2026

Placed on the Union Calendar, Calendar No. 592.

Jun 3, 2026

Reported by the Committee on Small Business. H. Rept. 119-679.

Jun 3, 2026

Committed to the Committee of the Whole House on the …

May 20, 2026

Ordered to be Reported by the Yeas and Nays: 23 …

May 20, 2026

Committee Consideration and Mark-up Session Held

May 19, 2026

Ms. Simon (for herself and Mr. Bresnahan) introduced the following …

May 19, 2026

Introduced in House

May 19, 2026

Referred to the House Committee on Small Business.

Stakeholder Effects

cui bono?

How this legislation distributes effects. Mention counts reflect frequency, not effect magnitude.

Government
4 mentions across 2 clauses
+1 positive -3 negative

Congressional small business committees, Existing agency budgets, GAO

Positive-direction: Congressional small business committees

Negative-direction: Existing agency budgets, GAO, GAO auditors

Technology
2 mentions across 1 clause
+1 positive -1 negative

Federal cybersecurity program managers, Small firms targeted by scams

Positive-direction: Small firms targeted by scams

Negative-direction: Federal cybersecurity program managers

Small Business
1 mention across 1 clause
+1 positive

Small business owners

2/3
sections analyzed
Full impact breakdown

Bill Structure & Actor Mappings

Who is "The Secretary" in each section?

Domains
Small Business Cybersecurity GAO Federal Programs
Actor Mappings
"gao"
→ Government Accountability Office

We use a combination of our own taxonomy and classification in addition to large language models to assess meaning and potential beneficiaries. High confidence means strong textual evidence. Always verify with the original bill text.

Learn more about our methodology