A bipartisan bill introduced by U.S. Rep. Young Kim (R-CA) to bolster the Small Business Administration’s (SBA) cybersecurity capabilities on Tuesday cleared the U.S. House of Representatives and is now slated to be signed into law by the president.
“I urge the president to swiftly sign this bill into law,” said Rep. Kim, who in May 2021 signed on as the original cosponsor of the SBA Cyber Awareness Act, H.R. 3462, which was sponsored by U.S. Rep. Jason Crow (D-CO), who serve as ranking member and chair, respectively, of the U.S. House Small Business Subcommittee on Innovation, Entrepreneurship and Workforce Development.
In November 2021, the House voted 423-0 to approve H.R. 3462 and sent it to the U.S. Senate, which in September amended and then passed the bill. After resolving differences, the House on Dec. 6 voted 417-0 to suspend the rules and agreed to the Senate-amended version of H.R. 3462, which now heads to President Joe Biden to be signed into law.
“I applaud the Senate for coming together to pass the SBA Cyber Awareness Act to improve SBA cybersecurity,” Rep. Kim said. “As a member of the Small Business Committee, I will keep working to support our small business owners and make sure taxpayer dollars are allocated as intended.”
The measure will require the SBA to annually report specified information related to cybersecurity awareness. The SBA reports must include a strategy to increase the cybersecurity of the SBA’s information technology (IT) infrastructure, a supply chain risk management strategy that includes risk mitigation activities for IT components originating from an entity that has its principal place of business in China, and any SBA cybersecurity incident that occurred during the two years prior to the initial report, according to the congressional record bill summary.
“As a record number of small business owners applied for vital assistance to keep their doors open during COVID-19, SBA’s legacy systems could not keep up, leading to backend crashes, slow portals and a breach of Americans’ personal data,” said Rep. Kim. “Entrepreneurs need certainty that they can safely use SBA resources available to them.”