In developing guidance or recommendations or identifying best practices under subsection (a), the Administrator and the Director of the Cybersecurity and Infrastructure Security Agency shall take into consideration small business concerns (under the meaning given that term in section 632 of title 15), including any need for separate guidance or recommendations or best practices, as necessary and appropriate.
Nothing in this section may be construed to supersede any requirement established under any other provision of law.