The United States House of Representatives has passed two bills to strengthen the cybersecurity of small businesses.
The Small Business Development Center Cyber Training Act of 2021 attracted strong support among House members of all political persuasions and was passed on Tuesday with a vote of 409 in favor to 14 against.
Representative Andrew Garbarino, who is both a member of the Small Business Committee and a ranking member of the Committee on Homeland Security’s Subcommittee on Cybersecurity, Infrastructure Protection, and Innovation, introduced the bill back in July.
Speaking on the House floor yesterday in support of the legislation, Garbarino said: “Cyberattacks are on the rise, and small businesses are increasingly vulnerable.
“Nearly 50% of cyberattacks are directed at small businesses, which can result in devastating financial, intellectual property, and reputational loss.”
Explaining why cyber-criminals may choose to victimize smaller companies over larger companies, Garbarino said: “Small businesses are targeted because they often lack the resources or technical knowledge needed to implement and maintain cybersecurity defenses.”
Garbarino said he had personally witnessed the difficulties small businesses experience when trying to defend themselves against cyber-attacks.
The Small Business Development Center Cyber Training Act would establish a cyber counseling certification program at Small Business Development Centers (SBDCs) so that they can better assist small businesses with their cybersecurity and cyber-strategy needs.
If enacted into law, the legislation would authorize the Small Business Administration (SBA) to reimburse SBDCs for employee certification costs up to $350,000 per fiscal year. These costs would be covered by existing federal resources.
“This bill provides much needed resources to help small businesses improve their cyber preparedness in the face of rising threats,” said Garbarino.
On Tuesday, the House also approved the Small Business Administration (SBA) Cyber Awareness Act, which would require the SBA to generate a report about its cybersecurity capabilities and inform Congress if a cybersecurity breach occurred that could potentially compromise sensitive information.
Representative Jason Crow, who co-sponsored the legislation, said: “This bill would ensure we are doing everything we can to protect the millions of small businesses that the SBA serves and prepare them for 21st-century threats.”