CBO Scores the MAIN STREET Cybersecurity Act of 2017

Coverage Type: 

The MAIN STREET Cybersecurity Act of 2017 (S 770) would direct the National Institute of Standards and Technology (NIST) to provide resources to small businesses to help them reduce their cybersecurity risks. Under the bill, NIST would be required to provide and update tools, methodologies, guidelines, and other resources to small business to use on a voluntary basis.

Based on an analysis of information from NIST, CBO estimates that implementing S 770 would cost $6 million over the 2018-2022 period, including $2 million in 2018 for NIST to consult with several federal agencies and develop such resources and an additional $4 million over the 2019-2022 period to update those resources; such spending would be subject to the availability of appropriated funds. Enacting S 770 would not affect direct spending or revenues; therefore, pay-as-you-go procedures do not apply. CBO estimates that enacting S 770 would not increase net direct spending or on-budget deficits in any of the four consecutive 10-year periods beginning in 2028. S 770 contains no intergovernmental or private-sector mandates as defined in the Unfunded Mandates Reform Act and would not affect the budgets of state, local, or tribal governments.


CBO Scores the MAIN STREET Cybersecurity Act of 2017