To require an annual report on the cybersecurity of the Small Business Administration, and for other purposes.
Committees
Senate Small Business and Entrepreneurship Committee
Bill Summary
SBA Cyber Awareness Act This bill requires the Small Business Administration (SBA) to annually report specified information related to cybersecurity awareness. Such reports must include (1) a strategy to increase the cybersecurity of the SBA's information technology (IT) infrastructure, (2) a supply chain risk management strategy that includes risk mitigation activities for IT components originating from an entity that has its principal place of business in China, and (3) any SBA cybersecurity incident that occurred during the two years prior to the initial report (including the SBA's action to respond to or remediate it).
To require an annual report on the cybersecurity of the Small Business Administration, and for other purposes.
SBA Cyber Awareness Act This bill requires the Small Business Administration (SBA) to annually report specified information related to cybersecurity awareness. Such reports must include (1) a strategy to increase the cybersecurity of the SBA's information technology (IT) infrastructure, (2) a supply chain risk management strategy that includes risk mitigation activities for IT components originating from an entity that has its principal place of business in China, and (3) any SBA cybersecurity incident that occurred during the two years prior to the initial report (including the SBA's action to respond to or remediate it).