Skip Navigation LinksASIS International / About ASIS / Who We Are / What's New / ASIS Sends Letter of Support for MAIN STREET Cybersecurity Act

ASIS Sends Letter of Support for MAIN STREET Cybersecurity Act

05 April 2017

ASIS International (ASIS), the leading association for security management professionals worldwide, today sent a letter of support to the Senate Committee on Commerce, Science, and Transportation for the Making Available Information Now to Strengthen Trust and Resilience and Enhance Enterprise Technology (MAIN STREET) Cybersecurity Act. The proposed legislation calls on the National Institute of Standards and Technology (NIST) and other agencies to provide a consistent set of resources for small businesses to best protect their digital assets from cybersecurity threats.

According to ASIS's letter, "The legislation emphasizes years of cooperative efforts by industry and government to produce risk management tools that support the cybersecurity needs of small and midsize businesses (SMEs)."

Small businesses are particularly vulnerable to cyberattacks. The National Cybersecurity Alliance has found that 60% of small businesses are forced to close following a cyberattack, making support of this legislation both probusiness and pro-security.

"Cyberattacks can have catastrophic effects on small businesses and their customers," said Senator Thune, chairman of Committee on Commerce, Science, and Transportation. "This legislation offers important resources, specifically meeting the unique needs of small businesses, to help them guard sensitive data and systems from thieves and hackers."  

The MAIN STREET Cybersecurity Act is a follow-on to the Cybersecurity Enhancement Act of 2014, which codified the industry-led process for the NIST Cybersecurity Framework. The new legislation will ensure NIST considers the needs of small businesses and provides additional, simplified resources to improve the ability of these businesses to use the framework.

ASIS's letter restates its long-standing commitment "to promoting the use of best practices and voluntary guidance, such as the framework, provided by both the public and private sectors to assist businesses of all sizes in managing cyber risk."

View the press release.
View the full letter.