January 11, 2016
By Bob Coleman
Editor, Main Street Monday
Main Street Monday — SBA Administrator Grilled by Congress over Data Security Issues
Should small businesses that get SBA loans or use other agency services be concerned about their data getting hacked?
Is the question Kent Hoover writes in his coverage of last week’s House Small Business Committee hearing.
The hearing is in response to a GAO report that found SBA has failed to implement 62 of 69 IT security recommendations deemed essential to protect lender and borrower data.
“That’s what worries me the most,” said House Small Business Committee Chairman Steve Chabot.
“We’ve seen the IRS hit, the State Department, OPM and even the White House hacked,” the Ohio Republican said Thursday. “Small businesses trust the SBA with information they don’t want a rival business, their neighbors, or the Chinese government to have access to. Yesterday, GAO told us this information isn’t adequately secured. That cannot continue.”
SBA Administrator Maria Contreras-Sweet told Chabot’s committee that the agency is working to implement the GAO’s recommendations, but small businesses can already be confident that their data is secure.
Auditors have found no material weaknesses in its IT systems, Contreras-Sweet said, and the agency has yet to experience any security breaches. Plus, banks that make SBA loans wouldn’t share data with the SBA if they feared it could be hacked, she said.
“The SBA operates with financial institutions. They don’t join our system until they’re assured that their data is protected,” Contreras-Sweet said.