The Senate Committee on Small Business & Entrepreneurship advanced a bill to ensure that the information technology (IT) systems at the U.S. Small Business Administration (SBA) are protected from cyber criminals.
The committee unanimously approved the bill, the SBA Cyber Awareness Act, introduced by committee chair Sen. Marco Rubio (R-FL) and ranking member Sen. Ben Cardin (D-MD).
“Thousands of borrowers, lenders and small businesses share confidential and personally identifiable information with the SBA every year and we must do all we can to keep their data out of the hands of cybercriminals. While the SBA has been making progress on improving its internal cybersecurity capabilities, this legislation will help the SBA meet its cyber goals faster and provide important congressional oversight,” Cardin said.
The bill is based on an October 2018 SBA Office of Inspector General (OIG) report, which said the SBA had made “substantial progress” toward modernizing its IT capabilities, but still needed to do more.
Specifically, the bill would require the SBA to assess its internal cybersecurity; develop an agency cyber strategy; report to the Senate and House small Business committees on actions taken to secure agency data and systems, threats and breaches, and actions taken to mitigate them.
The committee also nominated David Tryon to be chief counsel for the Office of Advocacy of the SBA.