S. 2699 would direct the National Institute of Standards and Technology (NIST) to implement a campaign to increase cybersecurity literacy among the public. The bill would direct NIST to encourage people to mitigate risk by using publicly available resources. NIST also would be required to provide information on a variety of topics, including:
How to identify phishing emails;
The benefits of changing default passwords on hardware and software;
How to use anti-virus software, firewalls, and multi-factor authentication;
How to identify which devices (including home appliances and other smart devices) could pose cybersecurity risks; and
How to limit exposure within public Wi-Fi networks.
The costs of the legislation, detailed in Table 1, fall within budget function 370 (commerce and housing credit).
