April 26, 2016

Kilmer, Hanna Bill Aims to Curb Cyberattacks on Small Businesses

WASHINGTON – American small businesses increasingly are the victims of cyberattacks and often are not prepared to prevent attacks or recover from successful intrusions.

That’s why today U.S. Representatives Richard Hanna (R-NY) and Derek Kilmer (D-WA) introduced the Small Business Cyber Security Act to help American entrepreneurs protect themselves from cybercrimes and create cybersecurity plans that meet their business’ needs.

Original cosponsors of the bill include: Small Business Committee Chairman Steve Chabot (R-OH), Ranking Member Nydia Velazquez (D-NY), Rep. Elise Stefanik (R-NY), Rep. Yvette Clarke (D-NY), Rep. Grace Meng (D-NY), Rep. Steve Knight (R-CA), and Rep. Barry Loudermilk (R-GA), Rep. Donald M. Payne, Jr. (D-NJ), Rep. Carlos Curbelo (R-FL), and Rep. Jim Renacci (R-OH).

This is a crime of opportunity and it is a very real one. By one estimate, three out of every five cyberattacks now target small businesses. With America’s 28 million small businesses making up 54 percent of annual sales in the U.S., the frequency of such attacks and the high costs they create for small businesses could have ripple effects throughout our economy.  

A recent report by the Internet security firm McAfee found that 90 percent of small- to medium-sized businesses need support to protect customer information. A separate study determined that 83 percent of small businesses do not have an established cyber security plan.

“Many small business owners don’t have the time or resources to plan for a cyberattack or keep up to date with rapidly changing technology,” Rep. Hanna said. “While programs exist at the federal level to provide cyber assistance to small businesses, what we’ve found is that they are not always assessable or well-coordinated. This bill would streamline and improve these resources, providing critical assistance to American entrepreneurs to help them safeguard their business transactions and protect information from thieves who want to do them harm.”

“Small businesses are the backbone of our economy,” Rep. Kilmer said. “As more and more local employers use technology and have online customer transactions, the federal government needs to make sure they're able to combat cyberattacks. Our bill would give small businesses key tools so they can develop a comprehensive plan for tackling cyber threats and better protect their bottom lines.”

Small business cybersecurity has been a top priority of the House Committee on Small Business this Congress.

Last week, the Committee hosted a hearing specifically focused on the topic and expert witnesses told lawmakers that increased, sophisticated cyberattacks pose a threat to both small businesses and the federal government. Earlier this month, Chairman Chabot questioned IRS Commissioner John Koskinen about what steps his agency was taking to beef up cybersecurity after a breach exposed data from 700,000 accounts.

ABOUT THE BILL

  • This no-cost legislation leverages the expertise of the more than 900 Small Business Development Centers (SBDCs) around the country to support small businesses in developing affordable cyber security plans and enhancing their cyber infrastructure.
  • It authorizes SBDCs to offer cyber support to small businesses in accordance with a SBDC Cyber Strategy, which is to be developed jointly by the Department of Homeland Security and the Small Business Administration.
  • Small Business Development Centers have been on the ground helping small businesses for more than 30 years and this bill will provide them with the resources, tools, and guidance they need to better meet the 21st century needs of small businesses.

C. E. "Tee" Rowe, President and CEO of America’s Small Business Development Centers, said the organization strongly supports this legislation.

“The threat of cyberattack faces every small business every day and has the potential to cost them not just money but their livelihoods,” President Rowe said. “This legislation will enable the Department of Homeland Security, SBA and the nationwide network of SBDCs to collaborate to provide small businesses with up-to-date commonsense responses to the threat of cybercrime.” 

Rochelle Layman, Director of the Small Business Development Center at Binghamton University in New York said this bill will help the small business sector improve its cybersecurity infrastructure in an affordable manner.

“The area of cyber-security usually reaches the press headlines when a major corporation or U.S. Agency's cyber security gets breached, but we don’t often hear about the small businesses that are at risk and much less prepared to deal with the domestic and international threat,” Director Layman said. “Congressman Hanna’s bill, the Improving Small Business Cyber Security Act of 2016, is the first bill that seeks to address the small business threat – a threat that can kill a small business as well as expose its business partners to cyber security threats. Rather than wait until a crisis develops, which most feel is coming, Congressman Hanna has recommended through his bill that the nation act decisively to lessen or eliminate that threat by improving the security of small businesses across the nation through a combined effort of Small Business Development Centers and existing federal Agencies dealing with the small business cyberattacks.”

Duane Fladland, Director of the Washington State Small Business Development Center, said that his organization is looking forward to this bill becoming a reality for small businesses.

“This is a proactive and collaborative approach that just makes sense from a national and local perspective,” Director Fladland said. “In Washington state, the SBDC's close ties to Washington State University and other institutions of higher education and economic development offers a footprint with extraordinary connections and credibility in the small business community.  This is an initiative that's time has come, and we are excited to play a part in it.”

###