Blog

New U.S. Legislation Introduced to Help Small Business Provide Cybersecurity Training

Aug 16, 2022

New Legislation Introduced The Small Business Cybersecurity Act, S.4701 has been introduced by U.S. Sen. Maggie Hassan, D- N.H. Designed to bolster small businesses’ cybersecurity by providing funding to Small Business Development Centers.

In 2020, Senator Hassan worked to secure federal funding to such centers including the New Hampshire Small Business Development Center’s Cybersecurity Review program. The funds can be used to help Small Business Development Centers provide cybersecurity training for small business employees and administer reviews of small business’s cybersecurity.

The bill would authorize $20 million in 2023 and every year thereafter to the Small Business Administration (SBA).

Key aspects of the bill include establishing a federal program to provide direct grants to Small Business Development Centers to create or continue cybersecurity programs for small businesses. The bill would also allow for assistance for Small Business Development Centers provide cybersecurity training for small business employees and administer reviews of small business’s cybersecurity.

“As small businesses continue to modernize and do more work online, the risk of cyberattacks becomes more serious,” Hassan said. “New Hampshire’s Small Business Development Center is providing crucial support to local businesses, reviewing their cybersecurity and helping them defend against hackers. I encourage my colleagues to pass this bill so that Small Business Development Centers in New Hampshire and across the country can keep working to protect small businesses from cyberattacks and help them thrive.”

Were the bill to become law, it could be right in the wheelhouse of managed security service providers and managed service providers engaged with SMBs to protect customer networks from cyber attackers. Although not directly referenced by the bill’s sponsors, the Kaseya VSA supply chain cyber attack that hit some 50 MSPs a year ago and spread to hundreds of small businesses, may have influenced lawmakers to pay more attention to strengthening their defenses.

Two companion bills were introduced in the House last November that would require the SBA to report to Congress a cybersecurity breach that involves confidential information and inform lawmakers of the agency’s cyber capabilities. The Small Business Development Center Cyber Training Act would require small business development centers to have employees certified in cyber strategy counseling for small businesses.

Cybersecurity has been at the forefront of the current administration’s agenda and cyber forward bills have been receiving plenty of media attention as well as bipartisan support. However, since the start of the current congress over 500 bills have been introduced that relate in some way to cybersecurity and only 13 have passed both chambers.

If this is a bill you think your legislators should be taking seriously (ISC)² encourages you to vocalize that and encourage them to take this and other cybersecurity legislation seriously.

To contact your Senator check out this website or contact them directly through their official website.