[Federal Register Volume 76, Number 19 (Friday, January 28, 2011)]
[Notices]
[Pages 5232-5233]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2011-1849]
=======================================================================
-----------------------------------------------------------------------
SMALL BUSINESS ADMINISTRATION
Small Business Information Security Task Force
AGENCY: U.S. Small Business Administration.
ACTION: Notice of meeting minutes.
-----------------------------------------------------------------------
SUMMARY: The SBA is issuing this notice to publish meeting minutes for
the Small Business Information Security Task Force Meeting.
DATES: 1 p.m., Wednesday, December 8, 2010.
ADDRESSES: The meeting was held via teleconference.
SUPPLEMENTARY INFORMATION: Pursuant to section 507(i)(4)(A) of the
Credit Card Accountability Responsibility and Disclosure Act of 2009,
SBA submits the meeting minutes for the third meeting of the Small
Business Information Security Task Force. Chairman, Rusty Pickens,
called the meeting to order on December 8, 2010 at 1 p.m. Roll call was
taken and a quorum was established. Mr. Pickens reported on
developments since the last meeting, noting first that comments
received on the draft work plan had been incorporated to add new
subject areas for academics and technology. Also, Mr. Erdle had
prepared a one page document describing available technical
certifications for small businesses that he provided to Mr. Pickens as
a starting point for collating data on security certification and
training. Mr. Pickens undertook to provide the document to the group in
advance of the next meeting for review and discussion at the meeting.
Subsequently, Mr. Pickens reported on his telephone conversation with
Mr. Bob Russo of the PCI Security Standards Council (PCI SSC) to
explore the possibility of having Mr. Russo brief the Task Force on the
Council's work, and of having the PCI SSC conduct a webinar for the
Task Force in the Spring of 2011 on credit card security issues for
small businesses. The group then engaged in an open discussion
regarding the collection and organization of the data to be included in
the Task Force report. Additional subject areas were proposed for
potential inclusion, such as government contracting security
requirements, protection of customer privacy, and security
certification and training applicable to both small business employees
and contractors.
Ms. Marx noted that as the Task Force objective originated from the
Credit Card Act, a useful starting point for reviewing information
available to assist small merchants would be the Payment Card Industry
Security Standards, which lay out the requirements for protecting
credit card data. The group endorsed Mr. Pickens' proposal for a PCI
Standards briefing and webinar; in addition, Ms. Marx offered to
provide the group with a link to the PCI SSC's recently launched small
business website dedicated to online credit card security.
Before concluding the meeting, the group discussed next steps in
organizing the work plan. Mr. Pickens asked for volunteers to adopt
each of the broad subject matter categories already identified by the
group and to flesh them out with more detail for review at the next
meeting Members duly volunteered for certain identified subject areas
and Mr. Pickens agreed to suggest other members to accept
[[Page 5233]]
responsibility for the remaining areas at a later date.
The next meeting date was determined before the meeting was
adjourned at 1:49 p.m.
FOR FURTHER INFORMATION CONTACT: Rusty Pickens, Special Consultant to
the Office of the CIO, U.S. Small Business Administration,
[email protected].
Paul T. Christy,
SBA Chief Information Officer.
[FR Doc. 2011-1849 Filed 1-27-11; 8:45 am]
BILLING CODE 8025-01-P