[Federal Register Volume 76, Number 19 (Friday, January 28, 2011)]
[Notices]
[Pages 5232-5233]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2011-1849]


=======================================================================
-----------------------------------------------------------------------

SMALL BUSINESS ADMINISTRATION


Small Business Information Security Task Force

AGENCY: U.S. Small Business Administration.

ACTION: Notice of meeting minutes.

-----------------------------------------------------------------------

SUMMARY: The SBA is issuing this notice to publish meeting minutes for 
the Small Business Information Security Task Force Meeting.

DATES: 1 p.m., Wednesday, December 8, 2010.

ADDRESSES: The meeting was held via teleconference.

SUPPLEMENTARY INFORMATION: Pursuant to section 507(i)(4)(A) of the 
Credit Card Accountability Responsibility and Disclosure Act of 2009, 
SBA submits the meeting minutes for the third meeting of the Small 
Business Information Security Task Force. Chairman, Rusty Pickens, 
called the meeting to order on December 8, 2010 at 1 p.m. Roll call was 
taken and a quorum was established. Mr. Pickens reported on 
developments since the last meeting, noting first that comments 
received on the draft work plan had been incorporated to add new 
subject areas for academics and technology. Also, Mr. Erdle had 
prepared a one page document describing available technical 
certifications for small businesses that he provided to Mr. Pickens as 
a starting point for collating data on security certification and 
training. Mr. Pickens undertook to provide the document to the group in 
advance of the next meeting for review and discussion at the meeting. 
Subsequently, Mr. Pickens reported on his telephone conversation with 
Mr. Bob Russo of the PCI Security Standards Council (PCI SSC) to 
explore the possibility of having Mr. Russo brief the Task Force on the 
Council's work, and of having the PCI SSC conduct a webinar for the 
Task Force in the Spring of 2011 on credit card security issues for 
small businesses. The group then engaged in an open discussion 
regarding the collection and organization of the data to be included in 
the Task Force report. Additional subject areas were proposed for 
potential inclusion, such as government contracting security 
requirements, protection of customer privacy, and security 
certification and training applicable to both small business employees 
and contractors.
    Ms. Marx noted that as the Task Force objective originated from the 
Credit Card Act, a useful starting point for reviewing information 
available to assist small merchants would be the Payment Card Industry 
Security Standards, which lay out the requirements for protecting 
credit card data. The group endorsed Mr. Pickens' proposal for a PCI 
Standards briefing and webinar; in addition, Ms. Marx offered to 
provide the group with a link to the PCI SSC's recently launched small 
business website dedicated to online credit card security.
    Before concluding the meeting, the group discussed next steps in 
organizing the work plan. Mr. Pickens asked for volunteers to adopt 
each of the broad subject matter categories already identified by the 
group and to flesh them out with more detail for review at the next 
meeting Members duly volunteered for certain identified subject areas 
and Mr. Pickens agreed to suggest other members to accept

[[Page 5233]]

responsibility for the remaining areas at a later date.
    The next meeting date was determined before the meeting was 
adjourned at 1:49 p.m.

FOR FURTHER INFORMATION CONTACT: Rusty Pickens, Special Consultant to 
the Office of the CIO, U.S. Small Business Administration, 
[email protected].

Paul T. Christy,
SBA Chief Information Officer.
[FR Doc. 2011-1849 Filed 1-27-11; 8:45 am]
BILLING CODE 8025-01-P