July 15, 2019 - Issue: Vol. 165, No. 118 — Daily Edition116th Congress (2019 - 2020) - 1st Session
All in House sectionPrev29 of 79Next
SMALL BUSINESS DEVELOPMENT CENTER CYBER TRAINING ACT OF 2019; Congressional Record Vol. 165, No. 118
(House of Representatives - July 15, 2019)
Text available as:
Formatting necessary for an accurate reading of this text may be shown by tags (e.g., <DELETED> or <BOLD>) or may be missing from this TXT display. For complete and accurate display of this text, see the PDF.
[Pages H5809-H5810] From the Congressional Record Online through the Government Publishing Office [www.gpo.gov] SMALL BUSINESS DEVELOPMENT CENTER CYBER TRAINING ACT OF 2019 Mr. DELGADO. Mr. Speaker, I move to suspend the rules and pass the bill (H.R. 1649) to amend the Small Business Act to require cyber certification for small business development center counselors, and for other purposes. The Clerk read the title of the bill. The text of the bill is as follows: H.R. 1649 Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled, SECTION 1. SHORT TITLE. This Act may be cited as the ``Small Business Development Center Cyber Training Act of 2019''. SEC. 2. DUTIES OF SMALL BUSINESS DEVELOPMENT CENTER COUNSELORS. Section 21 of the Small Business Act (15 U.S.C. 648) is amended by adding at the end the following: ``(o) Cyber Strategy Training for Small Business Development Centers.-- ``(1) Definitions.--In this subsection-- ``(A) the term `cyber strategy' means resources and tactics to assist in planning for cybersecurity and defending against cyber risks and cyber attacks; and ``(B) the term `lead small business development center' means a small business development center that has received a grant from the Administration. ``(2) Certification program.--The Administrator shall establish a cyber counseling certification program, or approve a similar existing program, to certify the employees of lead small business development centers to provide cyber planning assistance to small business concerns. ``(3) Number of certified employees.--The Administrator shall ensure that the number of employees of each lead small business development center who are certified in providing cyber planning assistance under this subsection is not fewer than the lesser of-- ``(A) 5; or ``(B) 10 percent of the total number of employees of the lead small business development center. ``(4) Consideration of small business development center cyber strategy.--In carrying out this subsection, the Administrator, to the extent practicable, shall consider any cyber strategy methods included in the Small Business Development Center Cyber Strategy developed under section 1841(a) of the National Defense Authorization Act for Fiscal Year 2017 (Public Law 114-328; 130 Stat. 2662). ``(5) Reimbursement for certification.-- ``(A) In general.--Subject to the availability of appropriations and subparagraph (B), the Administrator shall reimburse a lead small business development center for costs relating to the certification of an employee of the lead small business development center under the program established under paragraph (2). ``(B) Limitation.--The total amount reimbursed by the Administrator under subparagraph (A) may not exceed $350,000 in any fiscal year.''. The SPEAKER pro tempore. Pursuant to the rule, the gentleman from New York (Mr. Delgado) and the gentleman from Ohio (Mr. Chabot) each will control 20 minutes. The Chair recognizes the gentleman from New York. General Leave Mr. DELGADO. Mr. Speaker, I ask unanimous consent that all Members may have 5 legislative days in which to revise and extend their remarks and include extraneous material on the measure under consideration. The SPEAKER pro tempore. Is there objection to the request of the gentleman from New York? There was no objection. Mr. DELGADO. Mr. Speaker, I yield myself such time as I may consume. Mr. Speaker, I rise in support of H.R. 1649, the Small Business Development Center Cyber Training Act of 2019, which helps Small Business Development Centers, or SBDCs, become better equipped to assist small entities with their cybersecurity needs. Small businesses have increasingly become the targets of cyberattacks, and because of the complexity and cost associated with identifying, monitoring, and sharing information with appropriate agencies, only 31 percent of small firms have cybersecurity plans in place. Besides access to capital, cybersecurity is one of the main impediments to entrepreneurial success. Our committee has heard many heartbreaking stories about how it took just one attack to shutter a business. We have also heard time and time again the frustration business owners feel as they attempt to protect against ever-changing threats and navigate cyber regulations to win government contracts. This legislation ensures that our Nation's most vulnerable businesses are prepared to combat the imminent threat from cyberattacks. Leveraging the vast network of SBDCs and their expertise in assisting entrepreneurs from all over the country is a step in the right direction to provide education and training to business owners seeking to implement safeguards to their networks. Mr. Speaker, I commend Ranking Member Chabot and Congressman Evans for working together on this important issue, and I ask my fellow Members to support this bill. Mr. Speaker, I reserve the balance of my time. Mr. CHABOT. Mr. Speaker, I yield myself such time as I may consume. Mr. Speaker, I rise in support of H.R. 1649, the Small Business Development Center Cyber Training Act of 2019. Information technology is a necessity for small businesses, because it arms them with the tools they need to be competitive in the global economy. Unfortunately, small businesses are increasingly popular targets for cybercriminals. The average cost of a cyberattack on a small business is over $30,000, which can destroy, literally, a small business. That is exactly why Ms. Velazquez, Mr. Evans, and I introduced H.R. 1649, the Small Business Development Center Cyber Training Act of 2019. This bipartisan legislation establishes a cyber counseling certification program in lead SBDCs to better assist small businesses with planning and implementing cybersecurity measures to defend against cyberattacks. The cyber assistance offered by trained staff at SBDCs would be provided at no or low cost to small businesses. Cyber planning assistance will encourage small businesses to take a more proactive approach to defending themselves from cyberattacks by leveraging the expertise from SBDCs and their partner agencies and institutions. This bill utilizes existing Federal resources to cover the reimbursement costs. We recognize cyber threats are ever-evolving and will continue to work with industry to ensure that appropriate staffing needs are met. Mr. Speaker, I urge my colleagues to support this measure, and I reserve the balance of my time. Mr. DELGADO. Mr. Speaker, I yield 5 minutes to the gentleman from Pennsylvania (Mr. Evans). Mr. EVANS. Mr. Speaker, I thank my colleague from New York (Mr. Delgado) for the introduction. Mr. Speaker, I rise to offer my support for H.R. 1649, the Small Business Development Center Cyber Training Act. As vice chair of the Small Business Committee, I was proudly joined by fellow colleagues in the committee, Ranking Member Chabot and Chairwoman Velazquez, in introducing this important bipartisan legislation. I consider small business to be the foundation of our communities. They are the engines that drive innovativeness, investments, and economic development, and they are the pillars that prop up our neighborhoods. Both in my home State of Pennsylvania and across the U.S., small businesses account for more than 99 percent of all businesses. Nationally, they support almost 59 million jobs. Over the past decade, as we have seen immense growth in technology and innovativeness, we have also seen an increase in incidents involving the theft of valuable information from businesses and governments. In 2014, it was discovered that the Office of Personnel Management was hacked, resulting in the theft of over 20 million records. In 2013, criminals broke into Target's databases, with the credit and debit information from almost 40 million consumers being compromised. Breaches have also been reported at Home Depot, JPMorgan Chase, and Sony. [[Page H5810]] As we have witnessed, these breaches can have extremely devastating and costly impacts on major corporations. Now, if major entities struggle with the challenges of cybersecurity, what chances do our small businesses have? H.R. 1649 was written to address this risk by providing cyber training, strategies, and resources to small businesses to better equip themselves against cyberattacks. I appreciate having the opportunity to co-lead this important piece of legislation that will truly help our small businesses, the backbone of our Nation's economy, have the tools they need to protect themselves and to succeed. Mr. DELGADO. Mr. Speaker, I have no further speakers. I am prepared to close, and I reserve the balance of my time. Mr. CHABOT. Mr. Speaker, we have no further speakers, so I would be happy to close at this time if it is acceptable to the gentleman. Mr. Speaker, we have heard from small business owners, cybersecurity experts, and government officials, and there is no question that improving cybersecurity for America's small businesses should be an urgent priority for small firms. Over the past few years, the Federal Government has stepped up its efforts to both prevent and mitigate cyberattacks by coordinating and distributing cybersecurity resources directly to small businesses. This commonsense legislation would continue our efforts to ensure small firms can access needed information from SBDCs to help prevent and respond to cyberattacks. Mr. Speaker, I urge this bill's adoption. I want to again thank the gentleman from Pennsylvania (Mr. Evans) for his leadership on this, and I yield back the balance of my time. Mr. DELGADO. Mr. Speaker, cybercrime is one of the greatest risks to every business in the world. Cybercriminals have realized small entities are more exposed than larger businesses that have dedicated in-house IT personnel overseeing their systems and networks. Unfortunately, just 14 percent of small businesses have a plan in place for keeping their company secure. This is why Congress and the SBA must continue to make cybersecurity training and resources a top priority for our Nation's small firms. Through H.R. 1649, U.S. small businesses will be more prepared and better protected against cyber threats. This bill has bipartisan support and is essential to enhancing America's cyber infrastructure, by starting with the most vulnerable businesses. Our committee remains dedicated to advancing more policies to address the cyber challenges of small employers. Mr. Speaker, I urge my colleagues to support the bill, and I yield back the balance of my time. Ms. JACKSON LEE. Mr. Speaker, as a senior member of the House Committees on the Judiciary, Homeland Security, and Budget, I rise in strong support of H.R. 1649, the ``Small Business Development Center Cyber Training Act of 2019.'' H.R. 1649 calls for the establishment of a cyber counseling certification program, or the approval of a similar existing program, to certify the employees of lead business development centers to provide cyber planning assistance to small business concerns. Cyber strategy refers to the necessary resources and tactics that assist in planning for cybersecurity and defending against cyber risks and cyber attacks. Technology becomes more advanced every day, and cyber threats follow that same trend, making them increasingly difficult to predict and prevent. Cyber attacks have cost companies with robust cybersecurity programs millions of dollars, and small businesses are no exception. Yet, small businesses often lack the resources available to larger companies and corporations, making them especially vulnerable to such attacks. A recent Ponemon study found that nearly 70 percent of all small businesses experienced a cyberattack in 2017, while nearly half admitted to having no understanding of how to protect their company against a cyber attack. Additionally, another study by Hiscox found that less than 20 percent of small businesses said they were confident in their cybersecurity readiness, and barely half had a clearly defined cybersecurity strategy at all. Due to the vulnerability of small business operations, we need extensive measures to identify, analyze, and alleviate threats of cyberattacks. This bill ensures that there are at least 5 or 10 percent of the total number of employees within a small business development center who are certified in providing cyber planning assistance. Mr. Speaker, I urge my colleagues to join me in supporting H.R. 1649 to protect the cybersecurity networks and facilitate cybersecurity training within our nation's small businesses. The SPEAKER pro tempore. The question is on the motion offered by the gentleman from New York (Mr. Delgado) that the House suspend the rules and pass the bill, H.R. 1649. The question was taken; and (two-thirds being in the affirmative) the rules were suspended and the bill was passed. A motion to reconsider was laid on the table. ____________________
All in House sectionPrev29 of 79Next