House Committee Talks Cybersecurity

March 15, 2017

Last week, the House Committee on Small Business held a hearing on cybersecurity and how issues surrounding data and financial security impact small business. The hearing explored how the federal government can ensure that small businesses have the tools they need to protect themselves from cyber threats—and not simply MORE tools, but better coordination of those tools and resources.

In his comments during the hearing, Chairman Steve Chabot (R-Ohio) stated, “A cyber-attack can have serious consequences, not only for small businesses, but also their customers, employees, and business partners. Sixty percent of small businesses that fall victim to a cyber-attack close up shop within six months. A 2014 survey from the National Small Business Association estimated the average cost of a cyber-attack on a small business to be over $32,000.”

NSBA asked a number of cybersecurity-related questions in its 2015 Year-End Economic Report, which found that 42 percent of small businesses report they have been the victim of a cyber-attack. Those attacks take a significant amount of time to resolve: 42 percent of small-business owners said it took them more than three days to resolve the issue.

The hearing featured experts from the National Institute of Standards and Technology (NIST), the Federal Trade Commission and America’s Small Business Development Centers, all of whom expressed the growing complexity of protecting online systems and the unique challenges small business face in doing so.

Improving cybersecurity and financial protection was voted one of NSBA’s priority issues for the 115th Congress. Small businesses need pragmatic, streamlined guidelines and protocols to ensure the protection of online data and financials without unnecessary compliance burdens.

The key cybersecurity policy implications NSBA is supporting include:

  • Legislation should provide clear, simple steps for companies to follow when their data is breached and must balance the need for greater information sharing with privacy rights;
  • Any private-public partnership or advisory board must include representatives of small business; and
  • Consumer banking protections must be extended to the banking accounts held by America’s smallest firms.

NSBA urges Congress to move forward on establishing streamlined guidelines and protocols to ensure the protection and security of our online data and financials, but cautions against a knee-jerk reaction that would unfairly place a disproportionate burden on America’s smallest firms.