Like Causes?

Install the App
TRY NOW

house Bill H.R. 2105

NIST Small Business Cybersecurity Act

Bill Details

Official information provided by the Congressional Research Service. Learn more or make a suggestion.
The Congressional Research Service writes summaries for most legislation. These summaries are listed here. Causes will update some legislation with a revised summary, title or other key elements.

Suggest an update to this bill using our form.

Title

NIST Small Business Cybersecurity Act

Official Title

To require the Director of the National Institute of Standards and Technology to disseminate guidance to help reduce small business cybersecurity risks, and for other purposes.

Summary

NIST Small Business Cybersecurity Act (Sec. 2) This bill amends the National Institute of Standards and Technology Act to require the National Institute of Standards and Technology (NIST) to consider small businesses when it facilitates and supports the development of voluntary, consensus-based, industry-led guidelines and procedures to cost-effectively reduce cyber risks to critical infrastructure. NIST must consult with other federal agencies to disseminate, and publish on its website, standard and method resources that small business may use voluntarily to help identify, assess, manage, and reduce their cybersecurity risks. The resources must: (1) include case studies of practical application, (2) be based on international standards to the extent possible, (3) be able to vary with the nature and size of the implementing small business and the sensitivity of the data collected or stored on the information systems, (4) be capable of promoting awareness of third-party stakeholder relationships to assist small businesses in mitigating common cybersecurity risks, and (5) be consistent with the national cybersecurity awareness and education program under the Cybersecurity Enhancement Act of 2014. Other federal agencies may elect to publish the resources on their own websites.

bill Progress


  • Not enacted
    The President has not signed this bill
  • The senate has not voted
      senate Committees
      Committee on Commerce, Science, and Transportation
  • The house Passed October 11th, 2017
    Passed by Voice Vote
      house Committees
      Committee on Science, Space, and Technology
    IntroducedApril 20th, 2017

Log in or create an account to see how your Reps voted!
    Small businesses are huge in our economy and we need to support them
    Like (2)
    Follow
    Share
    Be wary of crazy extremist Republicans supporting too-good-to-be-true bills.
    Like (2)
    Follow
    Share
    For those who are suspicious of a politician's motives (like Monica's comment in this) it is worth checking opensecrets.org to look at an individual's campaign contributions. Rep. Webster appears to have no significant PAC or corporate funding which would affect his policy-making. This is worthwhile legislation.
    Like (1)
    Follow
    Share
    Any bill that has been introduced by the republicans I oppose based on their agenda and purposeful destruction of our society.
    Like (1)
    Follow
    Share
    Small businesses have few places to turn for good Cybersecurity practices. NIST is a wonderful source they should be able to leverage.
    Like
    Follow
    Share
    I am 75% sure this bill doesn't do anything, and I certainly don't have a problem with websites and pamplets about cybersecurity. Pretty sure this bill is so the congressman can go back to his state and say "I wrote a bill protecting small businesses from cyber threats!!!" But it won't do any harm, so let him.
    Like
    Follow
    Share
    Increased cyber security infrastructure is desperately needed in this society.
    Like
    Follow
    Share
    Absolutely they should share that information with small businesses, and whoever else wants to leverage it. It belongs to us, after all.
    Like
    Follow
    Share
    Given the scope of cyber security attacks, this bill makes a lot of sense.
    Like
    Follow
    Share
    Today we are seeing more personal information being accessed by malicious means. While recent examples include Target and Experian, small businesses are not impervious.
    Like
    Follow
    Share