[Congressional Record Volume 166, Number 169 (Tuesday, September 29, 2020)]
[Extensions of Remarks]
[Pages E892-E893]
From the Congressional Record Online through the Government Publishing Office [www.gpo.gov]




         THE IMPROVING CYBERSECURITY OF SMALL ORGANIZATIONS ACT

                                 ______
                                 

                           HON. ANNA G. ESHOO

                             of california

                    in the house of representatives

                      Tuesday, September 29, 2020

  Ms. ESHOO. Madam Speaker, I'm proud to introduce H.R. 8379, the 
Improving Cybersecurity of Small Organizations Act, a bipartisan and 
bicameral bill to help small businesses, nonprofits, and local 
governments implement strong protections against cyberattacks.
  Many small businesses, small nonprofits, and small local governments 
can't afford to hire cybersecurity professionals, yet they are still 
vulnerable to highly damaging cyberattacks. Ransomware attacks have 
caused critical government functions to become inoperable. Data 
breaches have harmed employees and customers of businesses. Devices 
managed by organizations have been turned into botnets used to attack 
other organizations.
  H.R. 8379, the Improving Cybersecurity of Small Organizations Act 
simply requires federal agencies to recommend easy-to-understand and 
evidence-based guidance that small

[[Page E893]]

organizations can adopt to improve their cybersecurity and protect 
everyone they serve. Specifically, H.R. 8379 directs the Cybersecurity 
and Infrastructure Security Agency (CISA) to issue guidance that 
documents and promotes evidence-based cybersecurity policies and 
controls for small organizations (i.e., small businesses, nonprofits, 
and local governments); requires CISA, the Small Business 
Administration (SBA), and the Minority Business Development Agency to 
promote the cybersecurity guidance; requires the Secretary of Commerce 
to submit to Congress a report describing methods to incent small 
organizations to improve their cybersecurity; and requires the SBA to 
report on the state of small business cybersecurity every two years.
  I thank Congressman John Katko, Senator Jacky Rosen, and Senator John 
Cornyn for partnering with me to introduce this bipartisan, bicameral 
bill, and I urge the House to take up this legislation in a timely 
fashion and ask my colleagues to support it.

                          ____________________