Washington, D.C. – Yesterday, President Donald Trump signed the NIST Small Business Cybersecurity Act, legislation authored by U.S. Senators Jim Risch (R-Idaho) and Brian Schatz (D-Hawai‘i). The bipartisan bill will provide a consistent set of resources for small businesses to best protect their digital assets from cybersecurity threats. Small businesses are a pillar of the American economy and make up more than half of all jobs in the United States. But these businesses have also become a major target for cyber-attacks. 

“Small- and medium-sized businesses face a heightened threat and suffer most from cyber-attacks, which is why Senator Schatz and I worked so hard in a bipartisan fashion to provide Main Street America with usable resources on how to keep themselves secure,” said Senator Risch, chairman of the Senate Committee on Small Business and Entrepreneurship. “I am so glad President Trump signed this legislation into law, allowing small businesses in Idaho and across the nation to better safeguard against cyber threats.” 

In addition to Risch and Schatz, co-sponsors of the bill include U.S. Senators John Thune (R-S.D.), Maria Cantwell (D-Wash.), Bill Nelson (D-Fla.), Cory Gardner (R-Colo.), Catherine Cortez Masto (D-Nev.), Maggie Hassan (D-N.H.), Claire McCaskill (D-Mo.), and Kirsten Gillibrand (D-N.Y.).

In 2014, the Senate unanimously passed the Cybersecurity Enhancement Act of 2014, which codified the industry-led process for the National Institute of Standards and Technology (NIST) Cybersecurity Framework, a comprehensive voluntary guide for organizations and businesses to better manage and reduce cybersecurity risks. While this framework continues to play a key role in improving the cyber resilience of the United States, additional coordinated resources are necessary to improve the ability of small businesses to use the framework. The legislation, formerly known as the MAIN STREET Cybersecurity Act, will ensure NIST considers the needs of small businesses as it updates the framework and provides simplified, consistent resources based on the NIST framework specifically for small businesses.