Policy Visualization

Bill Overview

Title: Small Business Cybersecurity Assistance Pilot Program Act

Description: This bill reauthorizes through FY2025 the Cybersecurity Assistance Pilot Program that provides grants to states to assist small businesses in developing their cybersecurity infrastructure.

Sponsors: Rep. Joyce, David P. [R-OH-14]

Target Audience

Population: people employed by or reliant on small businesses globally

Estimated Size: 60000000

There are approximately 400 million small and medium-sized enterprises (SMEs) worldwide, according to a World Bank estimate.
An SME on average employs 10-250 people, significantly contributing to employment.
Cybersecurity is critical as digital threats continue to evolve, affecting all sectors globally.
Small businesses may face challenges in affording or implementing cybersecurity measures without support.

Reasoning

The Small Business Cybersecurity Assistance Pilot Program is designed to provide support to small businesses to help them improve their cybersecurity infrastructure.
The program targets small businesses which are a significant part of the US economy by providing grants to states, which can be used to subsidize or fully support cybersecurity upgrades.
Considering the budget constraints, not all small businesses can be reached; therefore, it's critical to prioritize those with higher vulnerability or greater need for cybersecurity assistance.
We should capture a variety of impacts, including those from individuals within varying roles in small businesses, different industries, and across different geographic locations.
The program's effects on wellbeing are likely to vary by how directly the individual perceives an increase in security or operational benefits from the policy.
Some individuals may not feel a direct impact from the policy but might experience secondary benefits, like increased job security or reduced stress from worrying about data breaches.

Simulated Interviews

Owner of a small tech startup (Austin, Texas)

Age: 45 | Gender: male

Wellbeing Before Policy: 6

Duration of Impact: 10.0 years

Commonness: 5/20

Statement of Opinion:

This policy seems pretty beneficial. I often worry about our cybersecurity, but it’s usually not within our budget to make significant improvements.
Grants to help us can reduce my business expenses and make it easier to attract clients by guaranteeing their data’s safety.

Wellbeing Over Time (With vs Without Policy)

Year	With Policy	Without Policy
Year 1	7	6
Year 2	7	5
Year 3	8	5
Year 5	8	4
Year 10	9	3
Year 20	7	3

Manager at a small retail chain (Cleveland, Ohio)

Age: 33 | Gender: female

Wellbeing Before Policy: 5

Duration of Impact: 5.0 years

Commonness: 8/20

Statement of Opinion:

I think this could really help us enhance our systems. Customers often ask about how secure their payments are.
It might help us reduce the chance of data breaches and improve our client relationships.

Wellbeing Over Time (With vs Without Policy)

Year	With Policy	Without Policy
Year 1	6	5
Year 2	6	4
Year 3	7	4
Year 5	7	3
Year 10	6	3
Year 20	5	2

Financial advisor for small businesses (Miami, Florida)

Age: 58 | Gender: male

Wellbeing Before Policy: 7

Duration of Impact: 7.0 years

Commonness: 6/20

Statement of Opinion:

I believe this policy gives small businesses I work with a significant leg up.
It allows them to reallocate resources usually set aside for cybersecurity to other areas, like growth or development.

Wellbeing Over Time (With vs Without Policy)

Year	With Policy	Without Policy
Year 1	7	6
Year 2	8	6
Year 3	8	6
Year 5	8	5
Year 10	8	5
Year 20	7	5

Freelance graphic designer (Los Angeles, California)

Age: 29 | Gender: female

Wellbeing Before Policy: 6

Duration of Impact: 3.0 years

Commonness: 9/20

Statement of Opinion:

I don’t believe the policy affects me directly, but it’s nice to think my clients might see indirect benefits.
If they can secure their businesses, that means perhaps longer contracts for me without interruptions.

Wellbeing Over Time (With vs Without Policy)

Year	With Policy	Without Policy
Year 1	6	6
Year 2	6	5
Year 3	6	5
Year 5	6	5
Year 10	5	4
Year 20	5	3

IT support specialist for a small enterprise (Seattle, Washington)

Age: 40 | Gender: male

Wellbeing Before Policy: 8

Duration of Impact: 5.0 years

Commonness: 7/20

Statement of Opinion:

This policy is fantastic, although I worry about its reach given the budget constraints.
It’s essential that the businesses that need it most get first access to these resources.

Wellbeing Over Time (With vs Without Policy)

Year	With Policy	Without Policy
Year 1	8	7
Year 2	8	6
Year 3	8	6
Year 5	9	5
Year 10	8	4
Year 20	7	3

Accountant at a small business consultancy (Atlanta, Georgia)

Age: 52 | Gender: female

Wellbeing Before Policy: 6

Duration of Impact: 4.0 years

Commonness: 6/20

Statement of Opinion:

While my own job's practices don't directly benefit, my clients have been asking for help with cybersecurity.
A policy like this could make consulting services like mine even more valuable to small businesses.

Wellbeing Over Time (With vs Without Policy)

Year	With Policy	Without Policy
Year 1	6	6
Year 2	6	5
Year 3	7	5
Year 5	7	4
Year 10	6	4
Year 20	6	3

Barista at a local coffee shop (Chicago, Illinois)

Age: 34 | Gender: female

Wellbeing Before Policy: 5

Duration of Impact: 0.0 years

Commonness: 8/20

Statement of Opinion:

I don't think this policy will impact me personally unless my workplace uses some grant to upgrade our systems.
It's good to know small businesses will have improved protection against threats.

Wellbeing Over Time (With vs Without Policy)

Year	With Policy	Without Policy
Year 1	5	5
Year 2	5	5
Year 3	5	5
Year 5	5	5
Year 10	5	4
Year 20	5	3

Digital marketer for a small business (New York, New York)

Age: 50 | Gender: male

Wellbeing Before Policy: 7

Duration of Impact: 5.0 years

Commonness: 5/20

Statement of Opinion:

Having a significant focus on cybersecurity is crucial, and this policy can assist in enhancing our systems.
I'm optimistic this will lead to more secure operations and perhaps even grow our client base.

Wellbeing Over Time (With vs Without Policy)

Year	With Policy	Without Policy
Year 1	7	6
Year 2	8	6
Year 3	8	5
Year 5	8	5
Year 10	7	4
Year 20	6	3

Software developer at a small app development company (Denver, Colorado)

Age: 27 | Gender: male

Wellbeing Before Policy: 6

Duration of Impact: 7.0 years

Commonness: 4/20

Statement of Opinion:

It's really helpful to know there might be financial assistance for better cybersecurity.
After earlier incidents, any improvement or aid in security is a relief.

Wellbeing Over Time (With vs Without Policy)

Year	With Policy	Without Policy
Year 1	7	6
Year 2	8	5
Year 3	9	5
Year 5	9	4
Year 10	8	3
Year 20	6	2

Owner of a small health food store (Portland, Oregon)

Age: 39 | Gender: female

Wellbeing Before Policy: 5

Duration of Impact: 3.0 years

Commonness: 10/20

Statement of Opinion:

While not presently my top priority, I understand future value in upgrading our digital security as our business grows.
It's encouraging to know there's potential support for when I need it.

Wellbeing Over Time (With vs Without Policy)

Year	With Policy	Without Policy
Year 1	5	5
Year 2	5	4
Year 3	6	4
Year 5	6	3
Year 10	5	3
Year 20	3	3

Cost Estimates

Year 1: $70000000 (Low: $50000000, High: $90000000)

Year 2: $72000000 (Low: $52000000, High: $92000000)

Year 3: $75000000 (Low: $54000000, High: $95000000)

Year 5: $0 (Low: $0, High: $0)

Year 10: $0 (Low: $0, High: $0)

Year 100: $0 (Low: $0, High: $0)

Key Considerations

The balance between cost and effectiveness in cybersecurity assistance will be crucial for the program's success.
There needs to be a rigorous monitoring and evaluation framework to measure program impact and optimize grant allocation.
Cyber threats are evolving rapidly; thus, the program must remain adaptable to new challenges.