MAIN STREET Cybersecurity Act to Protect Small Businesses

At the end of September, the Senate passed the MAIN STREET Cybersecurity Act for Small Business.  This is an effort to help small businesses deal with the technical aspects and costs associated with creating a cybersecurity program and protecting their digital assets from attack or compromise.  The Act instructs NIST to create a plan for small businesses that is based on the NIST Cybersecurity Framework (NIST-CSF), but simpler and less expensive to implement.

Businesses with fewer than 100 employees are targeted by cyber-criminals 71% of the time.  Often small businesses are targeted for the user credentials they use to access networks of larger customers or suppliers.  Their are also targets for email account hijacking and related invoice, bank account, and wire transfer fraud.  50% of small businesses have suffered some sort of data breach.  60% of small businesses who suffer a significant breach go out of business.

Small businesses represent a large percentage of employment and economic activity in the United States, and they need to develop strategies to protect themselves from cyber-attack and cyber-crime.  This act is design to stimulate this process.  This bill has passed the Senate and is expected to make it through the House and into law.  We will keep you informed as this bill progresses.

More information:


About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.