Legislation Approved to Bring Cybersecurity Training to Small Businesses
A new bill passes in the House of Representatives
House lawmakers on May 9th, 2018 approved legislation meant to help small businesses in the United States better guard themselves against cyber threats.
The bill, H.R. 3002 – Small Business Cyber Training Act of 2019, was introduced by Rep. Steve Chabot (R) of Ohio, the chairman of the House Small Business Committee. The bill would clear the way for employees of small business development centers across the country to receive training in cybersecurity.
Specifically, the legislation would require the Small Business Administration to establish a “cyber counseling certification program” to provide cybersecurity training to employees at small business centers that receive federal grants. The bill provides for not fewer than five employees or ten percent of the total number of employees at the Small Business Development Centers. The idea is to ensure that these small business development centers can provide cybersecurity assistance to small businesses that ask for it.
The legislation would also mandate that the Small Business Administration reimburse development centers for costs associated with cyber training, though the price tag could not exceed $350,000 in any given year.
Why is this important?
Federal lawmakers have become ever more concerned that small businesses are more susceptible to cyberattacks. This is because small businesses typically lack the capital that larger companies have to make adequate investments in cybersecurity protection and training. In some cases, small business owners are complacent believing that they aren’t at risk or they don’t have anything worth stealing.
This means that small businesses are at great risk of being targeted by cybercriminals. Since security breaches can be devastating to small businesses. With over 60 percent of small businesses forced to close their doors within six months of a cyberattack, it is imperative that they learn as much as they can to protect their livelihood.
While the bill has passed the House and is a huge positive step forward, it still needs to clear several hurdles before becoming law and then a while longer before it’s fully implemented and can benefit your business.
There are several things you can do in the meantime to help protect your business and its computer systems.
First of all, if you haven’t already, you should install security software on all your systems, such as a good antivirus/anti-malware package. These packages provide continuous protection from these threats.
Second, have a backup computer system or at the very least, backup your existing systems and keep the backups off-site. This will allow you to recover in the event you’re attacked. This is especially important if you’re attacked with Ransomware.
Thirdly, train yourself and your employees to recognize and respond to threats, such as phishing attacks, leaving systems unlocked and unattended, social engineering and physical security.
Finally, if you are the victim of a breach the following recommendations should be followed:
- Act immediately: Contact law enforcement and legal resources you may have.
- Contain the breach: Take systems offline, but don’t turn them off.
- Document the steps you’re taking: Authorities will want to know these details.
- Communicate: Ensure affected parties are aware of the problem and that steps are being taken to minimize or eliminate the threat.
Subscribe to our newsletter
Fresh small business insights and ideas delivered weekly to your inbox, gratis.