The House on July 15 approved two bills that aim to bolster Small Business Administration (SBA) cybersecurity, and help small businesses combat cyberattacks.
The legislation – the SBA Cyber Awareness Act and Small Business Development Center Cyber Training Act – were sponsored by Reps. Jason Crow, D-Colo., and Steve Chabot, R-Ohio, respectively, and approved by the House Small Business Committee in June.
The first of the two bills would require the SBA to report to Congress annually with an assessment of its IT, if any SBA equipment was manufactured in China, and details of all cyber threats and incidents that SBA has faced since the submission of the previous report.
On a more regular basis, the SBA Cyber Awareness Act would also mandate SBA to notify Congress within a week of, as well as small businesses and individuals within 30 days of, cyber incidents and attacks on the SBA.
“Cybersecurity is one of the biggest threats to our economy and small businesses,” Crow said when he introduced the legislation in April. “Our businesses are the backbone of our economy but are increasingly the target of cyberattacks and theft of small business data and intellectual property.”
The Small Business Development Center Cyber Training Act, which Chabot introduced in March, would require small business development center counselors to become certified in cybersecurity so that they can aid small businesses in mitigating and responding to cyberattacks.
“H.R. 1649 would establish a cyber counseling certification program in lead Small Business Development Centers to provide specific, free-of-charge cyber training for small businesses,” Chabot said of his bill.
The two pieces of legislation have companion bills in Senate sponsored by Sen. Marco Rubio, R-Fla., who also chairs the Senate Small Business Committee. Those bills await votes in the Senate.