MTS CYBER Act of 2026

What happened: On February 20, 2026, Rep. McDowell (R-NC) introduced HR 7625, the MTS CYBER Act. The bill was referred to two committees (Transportation & Infrastructure; Homeland Security) and then to subcommittees. As of June 3, 2026, it remains in early stage – no hearings, no markup, no floor vote. The bill text directs the Comptroller General (GAO) to review the Coast Guard's budget, resources, and capabilities as co-Sector Risk Management Agency for the marine transportation system. It does not authorize or appropriate any funding.

Money trail: Zero. The bill is a study mandate. It does not create a grant program, tax credit, or procurement authorization. Any future cybersecurity spending for the Coast Guard would require a separate appropriations bill. The bill's findings note that $20B was allocated for port infrastructure under the Investing in America Agenda but that cybersecurity-specific allocations were unspecified – this bill does not change that.

Structural winners/losers: No direct winners or losers. The bill is procedural. If it leads to future appropriations for Coast Guard cybersecurity, endpoint security vendors like CrowdStrike ($CRWD) and network security vendors like Palo Alto Networks ($PANW) could eventually benefit. However, that is a multi-step inference with low confidence. The bill does not mandate any private-sector compliance changes, so maritime operators (e.g., $CSX, $UNP, $DAL) are unaffected.

Real market data: No real market data was provided for price trends. Based on structural positioning, cybersecurity stocks have no near-term catalyst from this bill.

Timeline: The bill must pass both House committees, then the full House, then the Senate, then be signed. Given its early stage and lack of urgency, passage in the 119th Congress is uncertain. Even if passed, the GAO study would take 6-12 months, with any resulting procurement years away.