[Congressional Record Volume 165, Number 118 (Monday, July 15, 2019)]
[House]
[Pages H5809-H5810]
From the Congressional Record Online through the Government Publishing Office [www.gpo.gov]
SMALL BUSINESS DEVELOPMENT CENTER CYBER TRAINING ACT OF 2019
Mr. DELGADO. Mr. Speaker, I move to suspend the rules and pass the
bill (H.R. 1649) to amend the Small Business Act to require cyber
certification for small business development center counselors, and for
other purposes.
The Clerk read the title of the bill.
The text of the bill is as follows:
H.R. 1649
Be it enacted by the Senate and House of Representatives of
the United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the ``Small Business Development
Center Cyber Training Act of 2019''.
SEC. 2. DUTIES OF SMALL BUSINESS DEVELOPMENT CENTER
COUNSELORS.
Section 21 of the Small Business Act (15 U.S.C. 648) is
amended by adding at the end the following:
``(o) Cyber Strategy Training for Small Business
Development Centers.--
``(1) Definitions.--In this subsection--
``(A) the term `cyber strategy' means resources and tactics
to assist in planning for cybersecurity and defending against
cyber risks and cyber attacks; and
``(B) the term `lead small business development center'
means a small business development center that has received a
grant from the Administration.
``(2) Certification program.--The Administrator shall
establish a cyber counseling certification program, or
approve a similar existing program, to certify the employees
of lead small business development centers to provide cyber
planning assistance to small business concerns.
``(3) Number of certified employees.--The Administrator
shall ensure that the number of employees of each lead small
business development center who are certified in providing
cyber planning assistance under this subsection is not fewer
than the lesser of--
``(A) 5; or
``(B) 10 percent of the total number of employees of the
lead small business development center.
``(4) Consideration of small business development center
cyber strategy.--In carrying out this subsection, the
Administrator, to the extent practicable, shall consider any
cyber strategy methods included in the Small Business
Development Center Cyber Strategy developed under section
1841(a) of the National Defense Authorization Act for Fiscal
Year 2017 (Public Law 114-328; 130 Stat. 2662).
``(5) Reimbursement for certification.--
``(A) In general.--Subject to the availability of
appropriations and subparagraph (B), the Administrator shall
reimburse a lead small business development center for costs
relating to the certification of an employee of the lead
small business development center under the program
established under paragraph (2).
``(B) Limitation.--The total amount reimbursed by the
Administrator under subparagraph (A) may not exceed $350,000
in any fiscal year.''.
The SPEAKER pro tempore. Pursuant to the rule, the gentleman from New
York (Mr. Delgado) and the gentleman from Ohio (Mr. Chabot) each will
control 20 minutes.
The Chair recognizes the gentleman from New York.
General Leave
Mr. DELGADO. Mr. Speaker, I ask unanimous consent that all Members
may have 5 legislative days in which to revise and extend their remarks
and include extraneous material on the measure under consideration.
The SPEAKER pro tempore. Is there objection to the request of the
gentleman from New York?
There was no objection.
Mr. DELGADO. Mr. Speaker, I yield myself such time as I may consume.
Mr. Speaker, I rise in support of H.R. 1649, the Small Business
Development Center Cyber Training Act of 2019, which helps Small
Business Development Centers, or SBDCs, become better equipped to
assist small entities with their cybersecurity needs.
Small businesses have increasingly become the targets of
cyberattacks, and because of the complexity and cost associated with
identifying, monitoring, and sharing information with appropriate
agencies, only 31 percent of small firms have cybersecurity plans in
place.
Besides access to capital, cybersecurity is one of the main
impediments to entrepreneurial success. Our committee has heard many
heartbreaking stories about how it took just one attack to shutter a
business.
We have also heard time and time again the frustration business
owners feel as they attempt to protect against ever-changing threats
and navigate cyber regulations to win government contracts.
This legislation ensures that our Nation's most vulnerable businesses
are prepared to combat the imminent threat from cyberattacks.
Leveraging the vast network of SBDCs and their expertise in assisting
entrepreneurs from all over the country is a step in the right
direction to provide education and training to business owners seeking
to implement safeguards to their networks.
Mr. Speaker, I commend Ranking Member Chabot and Congressman Evans
for working together on this important issue, and I ask my fellow
Members to support this bill.
Mr. Speaker, I reserve the balance of my time.
Mr. CHABOT. Mr. Speaker, I yield myself such time as I may consume.
Mr. Speaker, I rise in support of H.R. 1649, the Small Business
Development Center Cyber Training Act of 2019.
Information technology is a necessity for small businesses, because
it arms them with the tools they need to be competitive in the global
economy.
Unfortunately, small businesses are increasingly popular targets for
cybercriminals. The average cost of a cyberattack on a small business
is over $30,000, which can destroy, literally, a small business.
That is exactly why Ms. Velazquez, Mr. Evans, and I introduced H.R.
1649, the Small Business Development Center Cyber Training Act of 2019.
This bipartisan legislation establishes a cyber counseling
certification program in lead SBDCs to better assist small businesses
with planning and implementing cybersecurity measures to defend against
cyberattacks.
The cyber assistance offered by trained staff at SBDCs would be
provided at no or low cost to small businesses.
Cyber planning assistance will encourage small businesses to take a
more proactive approach to defending themselves from cyberattacks by
leveraging the expertise from SBDCs and their partner agencies and
institutions. This bill utilizes existing Federal resources to cover
the reimbursement costs.
We recognize cyber threats are ever-evolving and will continue to
work with industry to ensure that appropriate staffing needs are met.
Mr. Speaker, I urge my colleagues to support this measure, and I
reserve the balance of my time.
Mr. DELGADO. Mr. Speaker, I yield 5 minutes to the gentleman from
Pennsylvania (Mr. Evans).
Mr. EVANS. Mr. Speaker, I thank my colleague from New York (Mr.
Delgado) for the introduction.
Mr. Speaker, I rise to offer my support for H.R. 1649, the Small
Business Development Center Cyber Training Act.
As vice chair of the Small Business Committee, I was proudly joined
by fellow colleagues in the committee, Ranking Member Chabot and
Chairwoman Velazquez, in introducing this important bipartisan
legislation.
I consider small business to be the foundation of our communities.
They are the engines that drive innovativeness, investments, and
economic development, and they are the pillars that prop up our
neighborhoods.
Both in my home State of Pennsylvania and across the U.S., small
businesses account for more than 99 percent of all businesses.
Nationally, they support almost 59 million jobs.
Over the past decade, as we have seen immense growth in technology
and innovativeness, we have also seen an increase in incidents
involving the theft of valuable information from businesses and
governments.
In 2014, it was discovered that the Office of Personnel Management
was hacked, resulting in the theft of over 20 million records.
In 2013, criminals broke into Target's databases, with the credit and
debit information from almost 40 million consumers being compromised.
Breaches have also been reported at Home Depot, JPMorgan Chase, and
Sony.
[[Page H5810]]
As we have witnessed, these breaches can have extremely devastating
and costly impacts on major corporations.
Now, if major entities struggle with the challenges of cybersecurity,
what chances do our small businesses have?
H.R. 1649 was written to address this risk by providing cyber
training, strategies, and resources to small businesses to better equip
themselves against cyberattacks.
I appreciate having the opportunity to co-lead this important piece
of legislation that will truly help our small businesses, the backbone
of our Nation's economy, have the tools they need to protect themselves
and to succeed.
Mr. DELGADO. Mr. Speaker, I have no further speakers. I am prepared
to close, and I reserve the balance of my time.
Mr. CHABOT. Mr. Speaker, we have no further speakers, so I would be
happy to close at this time if it is acceptable to the gentleman.
Mr. Speaker, we have heard from small business owners, cybersecurity
experts, and government officials, and there is no question that
improving cybersecurity for America's small businesses should be an
urgent priority for small firms.
Over the past few years, the Federal Government has stepped up its
efforts to both prevent and mitigate cyberattacks by coordinating and
distributing cybersecurity resources directly to small businesses.
This commonsense legislation would continue our efforts to ensure
small firms can access needed information from SBDCs to help prevent
and respond to cyberattacks.
Mr. Speaker, I urge this bill's adoption. I want to again thank the
gentleman from Pennsylvania (Mr. Evans) for his leadership on this, and
I yield back the balance of my time.
Mr. DELGADO. Mr. Speaker, cybercrime is one of the greatest risks to
every business in the world. Cybercriminals have realized small
entities are more exposed than larger businesses that have dedicated
in-house IT personnel overseeing their systems and networks.
Unfortunately, just 14 percent of small businesses have a plan in
place for keeping their company secure.
This is why Congress and the SBA must continue to make cybersecurity
training and resources a top priority for our Nation's small firms.
Through H.R. 1649, U.S. small businesses will be more prepared and
better protected against cyber threats.
This bill has bipartisan support and is essential to enhancing
America's cyber infrastructure, by starting with the most vulnerable
businesses.
Our committee remains dedicated to advancing more policies to address
the cyber challenges of small employers.
Mr. Speaker, I urge my colleagues to support the bill, and I yield
back the balance of my time.
Ms. JACKSON LEE. Mr. Speaker, as a senior member of the House
Committees on the Judiciary, Homeland Security, and Budget, I rise in
strong support of H.R. 1649, the ``Small Business Development Center
Cyber Training Act of 2019.''
H.R. 1649 calls for the establishment of a cyber counseling
certification program, or the approval of a similar existing program,
to certify the employees of lead business development centers to
provide cyber planning assistance to small business concerns.
Cyber strategy refers to the necessary resources and tactics that
assist in planning for cybersecurity and defending against cyber risks
and cyber attacks.
Technology becomes more advanced every day, and cyber threats follow
that same trend, making them increasingly difficult to predict and
prevent.
Cyber attacks have cost companies with robust cybersecurity programs
millions of dollars, and small businesses are no exception.
Yet, small businesses often lack the resources available to larger
companies and corporations, making them especially vulnerable to such
attacks.
A recent Ponemon study found that nearly 70 percent of all small
businesses experienced a cyberattack in 2017, while nearly half
admitted to having no understanding of how to protect their company
against a cyber attack.
Additionally, another study by Hiscox found that less than 20 percent
of small businesses said they were confident in their cybersecurity
readiness, and barely half had a clearly defined cybersecurity strategy
at all.
Due to the vulnerability of small business operations, we need
extensive measures to identify, analyze, and alleviate threats of
cyberattacks.
This bill ensures that there are at least 5 or 10 percent of the
total number of employees within a small business development center
who are certified in providing cyber planning assistance.
Mr. Speaker, I urge my colleagues to join me in supporting H.R. 1649
to protect the cybersecurity networks and facilitate cybersecurity
training within our nation's small businesses.
The SPEAKER pro tempore. The question is on the motion offered by the
gentleman from New York (Mr. Delgado) that the House suspend the rules
and pass the bill, H.R. 1649.
The question was taken; and (two-thirds being in the affirmative) the
rules were suspended and the bill was passed.
A motion to reconsider was laid on the table.
____________________