Yesterday, Sen Cardin (D,MD) introduced S 4900, the SBIR and STTR Extension Act of 2022. The bill would extend the current Small Business Innovation Research Program (SBIR) and Small Business Technology Transfer Program (STTR) through 2025. A number of changes were made to the programs to prohibit the programs’ awarding funds to companies receiving significant support from the Chinese government. There is one minor cybersecurity provision in the bill. The bill was passed in the Senate without debate under the unanimous consent process.
Cybersecurity in Passing
There is one cybersecurity mention in the bill. In the new subsection (vv) being added to 15 USC 638 the bill adds a requirement for the Small Business Administration to conduct a “due diligence program to assess security risks presented by small business concerns seeking a federally funded award.” That assessment is to include “using a risk-based approach as appropriate, the cybersecurity practices [emphasis added], patent analysis, employee analysis, and foreign ownership of a small business concern seeking an award, including the financial ties and obligations (which shall include surety, equity, and debt obligations) of the small business concern and employees of the small business concern to a foreign country, foreign person, or foreign entity”.
Moving Forward
With the bill passing in the Senate essentially unread by most
members, it is perhaps premature to expect the same level of support in the
House, where the bill will next be considered. I do not see, however, anything
in the bill that would engender any organized opposition. The bill will most
likely be considered under the House suspension of the rules process, where
there would be limited debate, no floor amendments and would require a
super-majority vote to pass. I suspect that there will be significant bipartisan
support for the bill.
Posts
No comments:
Post a Comment