This week, as U.S. officials warn of potential Russian cyberattacks stemming from the Ukrainian invasion, Reps. Dave Joyce (R-Ohio), Josh Gottheimer (D-N.J.), Andrew Garbarino (R-N.Y.), and Joe Morelle (D-N.Y.) introduced H.R. 6812, the Small Business Cybersecurity Assistance Pilot Program Act. Administered by the Small Business Administration (SBA), the Cybersecurity Assistance Pilot Program would provide small businesses with access to critical cybersecurity tools.
Specifically, the lawmakers’ bipartisan bill authorizes $3 million for the Cybersecurity Assistance Pilot Program. While the enacted FY2021 Appropriations bill appropriated this funding, it was never authorized. The Small Business Cybersecurity Assistance Pilot Program Act strengthens this important grant program by authorizing the funding and requiring the SBA to report on how the grant funding was used and to identify the current, most pressing cybersecurity needs of small businesses.
“If cybercrime were measured as a country, it would be the world’s third-largest economy after the U.S. and China,” said Joyce. “Unfortunately, as more small businesses adopt digital tools, they become increasingly vulnerable to cybersecurity attacks. That’s why I introduced the Small Business Cybersecurity Assistance Pilot Program Act. With the heightened threat of Russian cyberattacks against U.S. companies, protecting our nation’s small businesses from cyberattacks is both an economic and a national security imperative.”
“Cyber criminals do not discriminate when it comes to who they target, whether a fortune 500 company or a mom-and-pop small business,” said Garbarino. “The only difference is that small businesses often do not have the cybersecurity infrastructure or expertise to protect themselves, creating a great threat to our economy and national security. This bill will provide flexible funding to allow states to assist vulnerable businesses and direct the SBA to identify the most pressing cybersecurity related needs of small businesses.”
“Small businesses are the backbone of our economy—yet in our increasingly digital world, too many fall victim to cyberattacks that can be devastating,” said Morelle. “I’m proud to co-sponsor this legislation to help businesses strengthen their cybersecurity infrastructure and prevent dangerous online attacks. I’m grateful to my colleagues in Congress for their partnership on this important legislation and I look forward to our continued work together to support our small business community.”
Recently, the Federal Bureau of Investigation (FBI) called on the U.S. private sector to be prepared for potential state-sponsored cyberattacks to be launched by Russia as the security situation in Ukraine continues to deteriorate. Russia has previously used cyberattacks to cripple U.S. entities, including as recently as 2020 when Russian hackers infiltrated several government agencies after they compromised software from SolarWinds, an IT management software company based in Texas. In total, the malware was received by 18,000 public and private sector users of SolarWinds, including the U.S. Treasury Department, as well as the Energy and Commerce Departments, and other government agencies; SolarWinds said that “fewer than 100” of the total users who downloaded the malware were hacked.