Cyberattacks can potentially cripple small businesses, the lifeblood of the American economy. For that reason, the United States Senate passed the Main Street Cybersecurity Act, which aims to reduce small business’ cybersecurity risks. Here’s what you need to know.
What is the Main Street Cybersecurity Act?
The National Institute of Standards and Technology (NIST), one of the nation’s oldest physical science laboratories, has developed a variety of tools, including a whole Cybersecurity Framework and a Computer Security Resource Center, to help businesses protect themselves from cybercriminals.
The problem is that most of those tools are made for enterprise-sized businesses and corporations with large budgets. They don’t take the nuances and limitations of small businesses into consideration.
The Main Street Cybersecurity Act (MSCA) is a pending piece of legislation that, if passed, will require the NIST to provide cybersecurity resources specifically for small businesses.
Why is it Necessary?
Small businesses are the targets of 43 percent of all cyberattacks. Approximately 60 percent of them are forced to close their business after being hacked.
This is bad news not only for the innocent victims, but for the United States economy, which is powered in large part by small businesses. Thus, legislation created to protect this engine of the American economy makes perfect sense.
Will it become a Law?
At the current time, the bill has been passed in the U.S. Senate, and is making its way through the House of Representatives.
It has strong bipartisan support, so there’s a high chance that it will eventually become a law. Although, it’s not possible to say for sure.
What does it Mean for Businesses?
Easy-to-Use Security Resources
The MSCA will require that the NIST take into consideration that small businesses don’t have huge budgets to spend on cybersecurity teams. Instead, they’ll provide “effective and usable” practices that include “simple, basic controls” for small businesses, according to the language of the bill itself.
This most likely means that the NIST will produce a large number of blog articles and videos on various cybersecurity subjects, ranging from firewalls to recognizing what common attacks look like.
The MSCA will not mandate that small businesses use the new cybersecurity resources produced by the NIST. Rather, it will just make more tools and resources available.
With the Main Street Cybersecurity Act set to become a law in the future, will your business take advantage of the resources it supplies?