This review was conducted to evaluate the Cybersecurity and Infrastructure Security Agency’s (CISA) progress in meeting the Cybersecurity Act’s requirements for 2019 and 2020. They recommend that CISA complete system upgrades, hire needed staff, encourage compliance with information sharing agreements and develop a formal reporting process with quality controls.