House Considers Cybersecurity BillSeptember 21, 2016
On Sept. 21, the House will consider H.R. 5064, the Improving Small Business Cyber Security Act of 2016, legislation introduced by House Small Business Committee member Rep. Richard Hanna (R-N.Y.), that will allow Small Business Development Centers (SBDCs) to assist small businesses in developing or enhancing their cyber-security infrastructure, cyber threat awareness, and cyber training programs for employees.
Information technology is a necessity for small businesses as it equips them with the necessary tools to be competitive in the global economy. Unfortunately, small businesses are becoming increasingly targeted by cyber criminals. In fact, in a recent NSBA survey, 94 percent of small-business owners indicated that they are concerned about being targeted by cyber-attacks, and 42 percent indicated that they had been the victim of a cyber-attack.
Moreover, even a simple cyber-attack can destroy a small business. According to the NSBA 2015 Year-End Economic Report, the most common kind of cyber-attack was: general computer hacks, followed by stolen credit card information and website hacks. There was a notable increase over the previous year in the amount of time required to resolve a cyber-attack: in 2015, 42 percent say it took them more than three days to resolve the issue, up from 36 percent in the previous year. Cyber-attacks cost small businesses on average $7,115.26. For those firms whose business banking accounts were hacked, the average losses were $32, 020.56, up from $19,948 in 2014. This significant jump is likely due, at least in part, to the increased sophistication in phishing and hacking schemes as well as an improved economy that finds greater funds available in many small firms’ bank accounts than was there previously.
Thus, the NSBA-supported H.R. 5064 will ease the burden on small businesses facing cyber threats by providing access to additional tools, resources, and expertise through existing federal cyber resources. Specifically, it permits the Department of Homeland Security (DHS) and other federal agencies to work in coordination to provide assistance to small businesses through SBDCs. The information and resources distributed by SBDCs will streamline cyber support for small businesses. Additionally, the bill requires the Small Business Administration (SBA) and DHS to collaboratively develop a Small Business Development Center Cyber Strategy in consultation with representatives of SBDCs. It amends the Small Business Act and Homeland Security Act to allow SBDCs to offer cyber support to small businesses in accordance with the Cyber Strategy. This strategy will also provide guidance to SBDCs on how best to use existing federal resources to improve cyber support services for small businesses.
Keeping in mind the infrastructural limitations of small businesses, NSBA has long called for Congress to finds ways to keep them abreast of these threats by providing clear, simple steps companies can follow when their data is breached while balancing the need for greater information sharing with privacy rights. NSBA is pleased that H.R. 5064 accomplishes this by directing SBDCs to provide small businesses with access to cyber security specialists to help develop security infrastructure, increase awareness, and improve training programs. This will enable small businesses to better safeguard their businesses against cyber criminals and have the necessary tools to develop a comprehensive plan for tackling cyber threats.
Please click here to view NSBA’s letter of support for H.R. 5064.