There is 1 version of this bill. View text

Click the check-box to add or remove the section, click the text link to scroll to that section.
Titles Actions Overview All Actions Cosponsors Committees Related Bills Subjects Latest Summary All Summaries

Titles (2)

Short Titles

Short Titles - Senate

Short Titles as Introduced

Internet of Things (IoT) Cybersecurity Improvement Act of 2017

Official Titles

Official Titles - Senate

Official Titles as Introduced

A bill to provide minimal cybersecurity operational standards for Internet-connected devices purchased by Federal agencies, and for other purposes


Actions Overview (1)

Date Actions Overview
08/01/2017Introduced in Senate

All Actions (1)

Date All Actions
08/01/2017Read twice and referred to the Committee on Homeland Security and Governmental Affairs.
Action By: Senate

Cosponsors (4)

* = Original cosponsor
CosponsorDate Cosponsored
Sen. Gardner, Cory [R-CO]* 08/01/2017
Sen. Wyden, Ron [D-OR]* 08/01/2017
Sen. Daines, Steve [R-MT]* 08/01/2017
Sen. Hassan, Margaret Wood [D-NH] 10/16/2017

Committees (1)

Committees, subcommittees and links to reports associated with this bill are listed here, as well as the nature and date of committee activity and Congressional report number.

Committee / Subcommittee Date Activity Related Documents
Senate Homeland Security and Governmental Affairs08/01/2017 Referred to

A related bill may be a companion measure, an identical bill, a procedurally-related measure, or one with text similarities. Bill relationships are identified by the House, the Senate, or CRS, and refer only to same-congress measures.


Subjects (1)


Latest Summary (1)

There is one summary for S.1691. View summaries

Shown Here:
Introduced in Senate (08/01/2017)

Internet of Things (IoT) Cybersecurity Improvement Act of 2017

This bill requires Internet-connected devices purchased by federal agencies to meet specified security requirements, including requirements that the devices (1) do not contain known security vulnerabilities or defects; (2) rely on software or firmware components capable of accepting properly authenticated and trusted updates from the vendor; (3) rely only on non-deprecated industry-standard protocols and technologies for certain functions; and (4) do not include fixed or hard-coded credentials.