SPONSORED:

Lawmakers introduce legislation to boost cybersecurity of local governments, small businesses

Lawmakers introduce legislation to boost cybersecurity of local governments, small businesses
© iStock

A group of bipartisan House and Senate lawmakers on Friday introduced legislation to increase resources to help local governments, small businesses and nonprofit groups to defend themselves against cyberattacks. 

The Improving Cybersecurity of Small Organizations Act would require the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) to develop and issue guidance on cybersecurity policies for small businesses, nonprofits and local governments. 

Both CISA and the Small Business Administration (SBA) would be required to promote the guidance, and the SBA would additionally be required to issue a report on the state of small business cybersecurity every two years.

ADVERTISEMENT

The bill is sponsored in the House by Reps. Anna EshooAnna Georges EshooHow to expand rural broadband, fast and affordably Hillicon Valley: Productivity, fatigue, cybersecurity emerge as top concerns amid pandemic | Facebook critics launch alternative oversight board | Google to temporarily bar election ads after polls close Lawmakers introduce legislation to boost cybersecurity of local governments, small businesses MORE (D-Calif.) and John KatkoJohn Michael KatkoWarren, Porter to headline progressive fundraiser supporting seven swing state candidates Trump fuels and frustrates COVID-19 relief talks Trump says talks on COVID-19 aid are now 'working out' MORE (R-N.Y.), the ranking member of the House Homeland Security Committee’s cybersecurity subcommittee. Sens. Jacky RosenJacklyn (Jacky) Sheryl RosenHillicon Valley: Productivity, fatigue, cybersecurity emerge as top concerns amid pandemic | Facebook critics launch alternative oversight board | Google to temporarily bar election ads after polls close Lawmakers introduce legislation to boost cybersecurity of local governments, small businesses Senators introduce bipartisan bill to help women, minorities get STEM jobs MORE (D-Nev.) and John CornynJohn CornynThe Hill's Campaign Report: Obama to hit the campaign trail l Biden's eye-popping cash advantage l New battleground polls favor Biden Quinnipiac poll finds Biden, Trump tied in Texas Biden endorses Texas Democratic House candidate Julie Oliver MORE (R-Texas) introduced the legislation in the Senate. 

Eshoo said in a statement Friday that the legislation was necessary, as “small businesses, small nonprofits and small local governments can’t afford to hire cybersecurity professionals, yet they are still vulnerable to debilitating cyberattacks.”

“Today, small businesses, local governments, and regional non-profits are facing growing risks when it comes to cybersecurity,” Katko said in a separate statement. “Unfortunately, the guidance that is available is overly complicated or geared toward organizations with greater resources. That’s why I’m glad to join Rep. Eshoo in introducing the Improving Cybersecurity of Small Organizations Act.”

Both Rosen and Cornyn separately praised the bill as addressing cybersecurity challenges faced by small businesses and local governments.  

“Small organizations are increasingly vulnerable to cyber-attacks, and many of them lack the resources to manage complex cyber risks,” Rosen said Friday. “This bipartisan and bicameral legislation will help protect our nation’s small businesses, nonprofits, and local governments from the growing threat of cyber-attacks and keep our economy and nation safe.”

ADVERTISEMENT

Cornyn said, “Small businesses and local governments face cybersecurity threats just as larger corporations do, and protecting against these risks doesn’t have to break the bank.”

The bill was introduced amid mounting cybersecurity challenges to groups nationwide during the COVID-19 pandemic, as more people move online for a variety of activities, and hackers increasingly target vulnerable systems.

Schools have become a major target in recent weeks, with cyberattacks aimed at school districts in Miami and Fairfax County, Va., temporarily disrupting online classes. 

Ransomware attacks — in which an attacker encrypts a system and demands a ransom — have been an increasing issue of concern for state and local governments in particular.

In 2019, the city governments of New Orleans and Baltimore were temporarily crippled by ransomware attacks, while almost two dozen towns in Texas were hit by a coordinated attack, slowing down city operations.  

State and local officials have begged Congress for more resources to address the ongoing targeting. Bipartisan lawmakers in the House and Senate have introduced various measures in response, including a bill last month that would provide $28 billion in federal aid to state and local governments to shore up older IT systems during the COVID-19 pandemic.