Rep. Mace's Bill PASSED to Bolster Cybersecurity in Federal Contracting

(Washington, D.C., March 3rd 2025)  – The House of Representatives today passed H.R. 872, the Federal Contractor Cybersecurity Vulnerability Reduction Act of 2025, bipartisan legislation spearheaded by Congresswoman Nancy Mace (R-SC) to fortify America’s digital defenses against cyber threats.

With cyberattacks on the rise, this bill closes a glaring loophole by requiring all federal contractors to implement a vulnerability disclosure policy (VDP)—a critical tool that allows ethical hackers to identify and report security weaknesses before they can be exploited by bad actors.

"Cyber threats don’t wait for bureaucratic red tape. This legislation ensures federal contractors meet the same high cybersecurity standards we expect from federal agencies," said Rep. Nancy Mace. "By eliminating vulnerabilities before our adversaries can exploit them, we’re reinforcing America’s cyber resilience in real time."

This bill has gained strong backing from the tech and cybersecurity industry, including Microsoft, Trend Micro, HackerOne, Bugcrowd, Infoblox, Rapid7, and Tenable—leading companies on the frontlines of cyber defense.

H.R. 872, co-led by Rep. Shontel Brown (D-OH), expands on existing federal cybersecurity requirements by bringing federal contractors up to speed with the latest security protocols. The bill directs the Office of Management and Budget (OMB) and the Department of Defense (DoD) to swiftly update federal acquisition regulations, ensuring stronger protections are in place.

The bill now heads to the Senate for consideration.

For media inquiries, contact SC01Press@mail.house.gov
###