Print

Lipinski Leads Bill That Helps Small Businesses Strengthen Cybersecurity

With bipartisan support, the House has approved H.R. 2105, the National Institute of Standards and Technology (NIST) Small Business Cybersecurity Act of 2017,a bill led by Congressman Dan Lipinski (IL-3) that will help small businesses better protect their computer systems from cyberattacks that can cost hundreds of thousands of dollars and even bankrupt many small companies. 

The NIST Cybersecurity Framework for Critical Infrastructure provides valuable guidance on cybersecurity best practices for organizations of all sizes, but small businesses often don’t have the time or resources to figure out how to adapt it to their needs and implement it.  This bill directs NIST to create clear guidelines, tools, and best practices specifically for small businesses so that they can protect their networked resources.

“Most small businesses do not have significant IT departments,” said Lipinski on the House floor.  “Some do not even have any dedicated information security personnel.  Thus they may be more at risk of cyberattacks than large enterprises.  These incidents hurt individual small business owners, employees, customers, and American competitiveness.  In my district, there is a fourth generation family manufacturing business that has suffered multiple sophisticated phishing attacks.  The few times they have fallen victim to these attacks, the costs have been significant.  The owners have told me that they would welcome guidance on affordable, off-the-shelf resources to strengthen their cyber-defenses and let them get back to focusing on their business.  This is a story repeated across the country, which is why this bill is so important.”

The guidelines created under this bill, like the NIST Framework, will be voluntary, so there won’t be any additional regulatory burden on small businesses.  This legislation will give them the opportunity to secure their networks so that they can compete on a level playing field.