Congress passes data security bill for small businesses

The NIST Small Business Cybersecurity Act has cleared its last hurdle.

Sponsored Links

Getty Images/Tetra images RF
Getty Images/Tetra images RF

The US government doesn't have the strongest cybersecurity policy right now, but there's at least some progress on that front beyond what's happening at security agencies. The US Senate has passed its version of the NIST Small Business Cybersecurity Act, clearing the way for the bill to become law if and when the President signs it. The bipartisan measure promises smaller companies a consistent, relevant and universal set of NIST-based guidance and resources for protecting their data against online threats.

The House passed its version of the Act in October 2017. It's not certain when the bill might reach the President's desk.

The soon-to-be law isn't going to render small businesses impervious to attack. Many large companies are still grappling with data breaches, and small shops rarely have the sheer amount of staff and money needed to address intrusions. Whether or not the resources help will depend on how easily businesses can find it, too. This Act might close the gap, though, and it's an acknowledgment that your private information is just as sensitive at a tiny startup as it is at a giant corporation.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Popular on Engadget