Washington, D.C. – U.S. Senator Jim Risch (R-ID), chairman of the Senate Committee on Small Business and Entrepreneurship, today chaired a hearing on preparing small businesses for cybersecurity success. With about 71 percent of data breaches occurring in businesses with fewer than 100 employees, the hearing focused on combating the threat before an attack occurs, and ways the government can collaborate with small businesses to provide help after an attack happens. Video of Risch’s opening remarks can be found here, and a transcript is below.


Transcript of Risch’s opening remarks as delivered: 

Welcome, the committee will come to order today, we’re going to have a hearing entitled, "Preparing Small Businesses for Cybersecurity Success.” And I have a few remarks, and then I’m going to turn it over to the Ranking Member for his remarks. 

“We’ll then hear from our distinguished panel. Thank you so much, all of you, for joining us. Thank you everyone for coming today, and this is a hearing on one of the most dire threats to small businesses and individuals in our nation: the increasing number of attacks by cyber criminals. 

“The same technology that enables small businesses to do business online and compete in the global marketplace also makes their sensitive information vulnerable to phishing schemes and ransomware attacks. Small businesses are especially vulnerable, as about 71 percent of data breaches occur in businesses with fewer than 100 employees. Regrettably, many of these attacks are preventable and can be tied back to missteps made by a business’ employees. 

“News of cyber-attacks makes headlines each day, and we know that Russia, Iran, China and North Korea are some of the biggest cyber hackers in the world. We have confirmation that Russia tried to interfere in our elections, and recent reports have been made public that they are compromising the information of individuals and small businesses in our country and the U.K. In recent years, the Russians have completely shut down Estonia’s e-commerce, waged cyber war against Ukraine's energy grid, and they are constantly seeking to destabilize other countries. 

“Additionally, North Korea has repeatedly attacked public and private entities in attempts to steal cryptocurrency to shore up their finances in the face of economic sanctions. 

“There are many bad actors out there, and they grow in number and capability every day. Perpetrators vary from individuals to those directed by countries, putting small businesses in our country at great risk. This issue hits especially close to home in a rural state like Idaho where e-Commerce is sometimes the only way to do business. 

“That’s why I have worked on three different pieces of bipartisan legislation to offer more tools to arm small businesses against potentially devastating cyber threats. The MAIN STREET Cybersecurity Act will require the National Institute of Standards and Technology (NIST) to disseminate a small business-friendly version of its renowned cybersecurity framework. This will better position small businesses to protect their assets, customers, and employees. 

“I have also introduced the Small Business Cyber Training Act to train the counselors at regional Small Business Development Centers throughout the country on educating entrepreneurs on protective cyber habits when they are first starting a new business, which will help them institute safe practices before the problem arises. 

“And just yesterday, I introduced the Small Business Cybersecurity Enhancements Act to prepare the Small Business Development Centers to receive information on cyber threats and breaches from small businesses in the field when these incidents happen. 

“Cyber-attacks are too frequently the last nail in the coffin for many small businesses, who already face an uphill battle to get started, get funded, and keep up with new regulations. I look forward to hearing from our witnesses today about their experiences with cyber threats and about what we can do to prevent these attacks. 

“I’d like to welcome Mr. Daniel Castro, the Vice President of the Information Technology & Innovation Foundation (ITIF) and the Director of its Center for Data Innovation. Prior to ITIF, Mr. Castro worked as a scientist for the Software Engineering Institute and as an IT analyst for the Government Accountability Office. We look forward to his testimony, as he is named one of FedScoop’s 25 most influential people under 40 in government and tech. 

“I’m also pleased to welcome Mr. Ben Toews from Hayden, a small town located in North Idaho. After starting with Bullet Tools while still a student at Gonzaga University, Mr. Toews eventually worked his way up to become president of the company. He has helped Bullet Tools fend off a ransomware attack and has contributed to the company’s 300 percent growth over the past five years. In addition to his full-time job, Mr. Toews is a member of the Idaho SBDC’s Advisory Council, assisting other small business owners and entrepreneurs. Mr. Toews, I look forward to your testimony. And as a side note, Mr. Ranking Member, you’d be interested to hear that when I sat in that seat, the chairman from the then majority party and I visited that business up there. And we were well entertained and enjoyed ourselves. 

“We also welcome Russell Schrader, the Executive Director of the National Cyber Security Alliance. And we welcome Ms. Gina Abate, President and CEO of Edwards Performance Solutions. Both of these will be further introduced by Ranking Member Cardin. Thank you for being here with us today.”

Click here to read the testimony of Ben Toews, Bullet Tools of Hayden, Idaho.