Small businesses are more likely to lack resources to build robust cybersecurity capabilities, but Sens. Gary Peters, D-Mich., and Marco Rubio, R-Fla., are looking to address that challenge with their recently introduced Small Business Cybersecurity Assistance Act.
The bill would help educate small businesses on cybersecurity practices at Small Business Development Centers (SBDCs), which would provide counselors and resources through grant funding from the Small Business Administration (SBA).
“The bill directs the [SBA] to become a cybersecurity clearinghouse by consolidating and managing federal government cybersecurity materials so small businesses can easily access information in one place,” stated a press release from Sen. Rubio.
The legislation also would call upon the Department of Homeland Security (DHS) to train SBDC counselors on “higher-level cybersecurity information,” and develop cybersecurity tools to provide for small businesses.
Sen. Peters said that cybersecurity breaches of small companies not only hurt those businesses, but that they also act as “the doorway” for breaches at larger organizations. He said that since small businesses are the backbone of the U.S. economy, aiding them in cybersecurity is critical.
“Too many small business owners say they lack the resources they need to safeguard their businesses and customers from hackers, fraudsters, and cybercriminals,” Sen. Peters said. “This commonsense legislation will help ensure small businesses can access much-needed information and training to secure their systems from malicious cyberattacks.”
“Cyber criminals and state-sponsored foreign hackers continue to target small businesses’ online systems, paralyzing their networks and ability to operate,” Rubio added. “This bipartisan bill ensures that small businesses have greater access to critical resources and training to better protect their networks before a cyber-attack occurs.”
The bill integrates recommendations in a DHS and SBA SBDC Cyber Strategy report published in March. The report promotes centralizing cybersecurity information for small businesses to access, as well as expanding cybersecurity training, resources, and expertise at SBDCs.
“Together, DHS, SBA, and SBDCs will strengthen small businesses’ cyber defense by overcoming the common cybersecurity challenges of information sharing and access to government resources, and by making it easier for small businesses to address the full cybersecurity risk management lifecycle,” the report states.
Rubio, who chairs the Senate Small Business Committee, also introduced in March two small business cybersecurity bills that aim to expand cybersecurity awareness and training resources for small businesses. These bills – the Small Business Cyber Training Act and SBA Cyber Awareness Act – were both approved by the Small Business Committee and are tabled for a vote in the Senate.
Rep. Jason Crow, D-Colo., has also introduced companion legislation, which was added to the House’s National Defense Authorization Act (NDAA). The NDAA will likely see a vote in the House within the coming week.