7 Apr 2017

ASIS International (ASIS), an association for security management professionals worldwide, sent a letter of support to the Senate Committee on Commerce, Science, and Transportation for the Making Available Information Now to Strengthen Trust and Resilience and Enhance Enterprise Technology (MAIN STREET) Cybersecurity Act. The proposed legislation calls on the National Institute of Standards and Technology (NIST) and other agencies to provide a consistent set of resources for small businesses to best protect their digital assets from cybersecurity threats.

Small businesses face greater cyber risks

Small businesses are particularly vulnerable to cyberattacks. The National Cybersecurity Alliance has found that 60% of small businesses are forced to close following a cyberattack, making support of this legislation both pro-business and pro-security.

In the letter, ASIS International CEO Peter J. O’Neil says, “This legislation emphasises years of cooperative efforts by industry and government to produce risk management tools that support the cybersecurity needs of these small to medium businesses.”

MAIN STREET Cybersecurity Act

The MAIN STREET Cybersecurity Act is a follow-on to the Cybersecurity Enhancement Act of 2014, which codified the industry-led process for the NIST Cybersecurity Framework. The new legislation will ensure NIST considers the needs of small businesses and provides additional, simplified resources to improve the ability of these businesses to use the framework.

ASIS’s letter restates its long-standing commitment to promoting the use of best practices and voluntary guidance, such as the framework, provided by both the public and private sectors to assist businesses of all sizes in managing cyber risk.