Cyber Insecurity Is a Big Problem for Small Business. This House Bill Seeks to Lessen the Impact

Small businesses hit with cyberattacks may soon get a helping hand from the federal government.

A bipartisan bill introduced this week by House Small Business Committee Chairwoman Nydia M. Velázquez (D-NY) and Representative Byron Donalds (R-FL) is aimed at increasing information-sharing between small businesses and the federal government. While the full text of measure H.R. 4513 has not been made available, both of the bill’s co-sponsors released statements that offer an early glimpse of what’s to come. 

The bill would allow the Small Business Administration’s Small Business Development Centers (SBDC), which serve as local resource centers for entrepreneurs, to collect information from small businesses on cyberattacks. Under the measure, any business that shares information with an SBDC is entitled to the same protection as other entities under the law. Finally, the bill provides liability protections for small businesses that share information. 

The bill has some urgency, given the rise of cyberattacks among small businesses in the last few months. The pandemic fueled the problem, as more people tended to work from home and vulnerabilities grew accordingly, a mid-year cybercrime report from security firm Sontiq shows. The study found that small, less widely reported data breaches resulted in the loss of the most significant levels of information, including personal identifiable information (PII) such as social security numbers and mailing addresses. 

“Small businesses, in particular, were not as well-equipped to fend off cyberattacks,” Jim Van Dyke, senior vice-president of financial wellness at Sontiq, said in a statement. “Most people do not realize how dangerous these small-scale data breaches can be.”

Velázquez would echo that sentiment. “Unfortunately, small businesses often lack the resources needed to develop adequate cybersecurity strategies and are reluctant to report cyber threats to the federal government,” she said in a statement. “This bill will encourage collaboration and information sharing between small businesses and the federal government, helping to protect small firms that are vulnerable to cyber-attacks.”

The bill has been referred to the House Committee on Small Business, which will eventually debate the proposal, adopt any amendments, and vote on approval. A markup date has yet to be scheduled.