Attivo Networks Blogs

President signs NIST Small Business Cybersecurity Act into law

SC media logo

A year and nearly four months after the measure was introduced, the NIST Small Business Cybersecurity Act officially passed after President Donald Trump signed the legislation into law.

Originally proposed as H.R. 2105 in April 2017, the act was later absorbed into U.S. federal law S.770, and requires the director of the National Institute of Standards and Technology, within within one year of the law’s passing, to issue guidance and a consistent set of resources to help SMBs identity, assess and reduce their cybersecurity risks.

S.770 also tasks NIST, a division of the U.S. Commerce Department, with considering the needs of small businesses when developing these recommendations, which among other key qualities should be widely applicable and technology-neutral and “include elements that promote awareness of simple, basic controls, a workplace cybersecurity culture, and third-party stakeholder relationships.”

The legislation in its current form was introduced by Sen. Brian Schatz, D-Hawaii, along with Sen. James Risch, R-Idaho, and was sponsored by fellow lawmakers John Thune, R-S.D.; Maria Cantwell, D-Wash.; Bill Nelson, D-Fla.; Cory Gardner, R-Colo.; Catherine Cortez Masto, D-Nev.; Maggie Hassan, D-N.H.; Claire McCaskill, D-Mo.; and Kirsten Gillibrand, D-N.Y.

In a press release, Schatz, the the lead Democrat on the Commerce Subcommittee on Communications, Technology, Innovation, and the Internet, said that “As businesses rely more and more on the internet to run efficiently and reach more customers, they will continue to be vulnerable to cyberattacks. But while big businesses have the resources to protect themselves, small businesses do not, and that’s exactly what makes them an easy target for hackers.”

“This new law will give small businesses the tools to firm up their cybersecurity infrastructure and fight online attacks,” Schatz continued.


Share on:

Free Active Directory Assessment

Get Visibility Into Privilege And Service Account Exposure

For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.

Try Our Endpoint Detection Net (EDN) for Free


Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.

Newsletter Signup

    Yes, please opt me in to receive your quarterly newsletter, event invitations, and product updates.

    I understand that I can opt out at any time, and can refer to Attivo Networks Privacy Policy for more information.
  • This field is for validation purposes and should be left unchanged.

ADSecure 90-Day Free Trial


  • Hide and deny access to AD objects
  • Get alerted on unauthorized queries
  • Attack details easily viewable in dashboard
  • Your data remains on-premise


Leave a Comment

Your email address will not be published.

fifteen + one =

Ready to find out what’s lurking in your network?

Scroll to Top