Breaking News: NIST Small Business Cybersecurity Law

President Donald J. Trump has just signed the NIST Small Business Cybersecurity Act into law.

Now part of the U.S. federal law S.770, it requires the director of the National Institute of Standards and Technology to issue guidance and a consistent set of resources to help SMBs identity, assess and reduce their cybersecurity risks within the next 12 month.  The entire bill in its original form is here:  – it’s very short and to the point.

As I’ve stated for many years, the Small to Medium Size Business (SMB) accounts for a majority of our GDP (Gross Domestic Product) and yet is not sophisticated enough to handle the latest threats.  S.770 also tasks NIST, which is part of the U.S. Commerce Department, to take this fact into consideration so that final recommendations include technology-neutral and elements that promote awareness of simple, basic controls, a workplace cybersecurity culture, and third-party stakeholder relationships.

During BlackHat Conference 2018, I was pleased to learn from Corey Nachreiner, the CTO of WatchGuard, that their mission is to bring widely deploy-able, enterprise-grade security to small-to-medium sized businesses (SMBs) – which fits right into support of this new law.  I hope other large players will also take up this challenge and also many of the hot infosec startups consider the SMBs in their journey to defend against the latest threats.

by Gary S. Miliefsky
Publisher, CDM

FAIR USE NOTICE: Under the "fair use" act, another author may make limited use of the original author's work without asking permission. Pursuant to 17 U.S. Code § 107, certain uses of copyrighted material "for purposes such as criticism, comment, news reporting, teaching (including multiple copies for classroom use), scholarship, or research, is not an infringement of copyright." As a matter of policy, fair use is based on the belief that the public is entitled to freely use portions of copyrighted materials for purposes of commentary and criticism. The fair use privilege is perhaps the most significant limitation on a copyright owner's exclusive rights. Cyber Defense Media Group is a news reporting company, reporting cyber news, events, information and much more at no charge at our website Cyber Defense Magazine. All images and reporting are done exclusively under the Fair Use of the US copyright act.

Global InfoSec Awards 2022

We are in our 10th year, and these awards are incredibly well received – helping build buzz, customer awareness, sales and marketing growth opportunities, investment opportunities and so much more.


10th Anniversary Exclusive Top 100 CISO Conference & Innovators Showcase