The U.S. Congress recently passed two bills aimed at bolstering data security measures for small businesses. These pieces of legislation would strengthen the Small Business Administration’s oversight, mitigate vulnerabilities and give entrepreneurs the tools to manage their network hygiene effectively.
The first bill, the Small Business Administration (SBA) Act, was introduced by Representatives Yung Kim, a Republican from California, and Jason Crow, a Democrat from Colorado. It is designed to give the SBA more clout in addressing and documenting the increasing number of attacks on small business systems. To that end, the bill requires that the SBA expand its own IT operations, mandating documentation of its cybersecurity infrastructure, equipment and tools, improvement strategies, and reports of any security events in the agency.
The second bill, the Small Business Development Center Cyber Training Act, was sponsored by New York Republican Andrew Garbarino with endorsement from Ohio Republican Steve Chabot and Pennsylvania Democrats Chrissy Houlahan and Dwight Evans. This bill would provide entrepreneurs with the support they need to take control of their cybersecurity. Furthermore, the legislation would give local Small Business Development Centers the financial resources necessary to provide cybersecurity certification training to owners and their employees.
In an era when data breaches and ransomware attacks are devastating even the smallest companies, the U.S. House of Representatives is taking proactive steps on two levels. To exercise broader control, it works to support and enhance the capabilities of the SBA. At the same time, it’s more granular actions equip local business centers and the small companies they serve with the resources they need to take ownership of their digital security awareness and practices. With legislation furnishing the infrastructure and companies taking ownership of their daily cyber activities, there is sure to be a positive impact.