Small businesses aren’t taking the necessary precautions to protect themselves from cyber attacks, according to the U.S. Federal Communications Commission (FCC) – but Uncle Sam wants to help.
The U.S. Government agency, better known for battles over media deregulation, is now looking ot help small businesses secure their networks and IT assets, according to a roundtable discussion this week. Small businesses are ill prepared for the cyber security challenges of a new world in which Internet access will be critical to almost every business, according to panel members, who called for a “culture change” regarding network security similar to that which they compared to the changes in public opinion about smoking over the last few decades.
July 29, 2016 , 10:45 am
July 27, 2016 , 12:57 pm
June 29, 2016 , 5:03 pm
The round table is part of the larger National Initiative for Cybersecurity Education (NICE), a partnership led by the National Institute for Standards and Technology (NIST). The partnership is designed to educate small businesses about broadband Internet connections and other technologies that can greatly increase revenue. Securing small business networks goes hand in hand with that effort, so the FCC has created a cyber security tip sheet along with private sector partners including the US Chamber of Commerce, McAfee, and Symantec.
Many small businesses in the U.S. have a “throw your hands in the air” attitude about security, assuming either that intrusions are too complicated for them to effectively mitigate or that their company is not a viable target. That’s a contrast to large enterprises, most of which have taken the necessary steps to secure their networks, and have, as a result, become more difficult to compromise. Fully 74% of small to mid-size businesses have reported being affected by an attack of one kind or another in the last year according to data from Symantec.
Secretary Michael Chertoff, Chairman of Chertoff Group pointed to a few areas of critical concern in protecting small businesses from intrusions. According to him, these companies need to be concerned with how they protect sensitive transactional information, proprietary business data, intellectual property, and the personally identifiable information of their customers, employees, and contractors in addition to being vigilant regarding criminal extortion threats against their networks, like DDoS and external attacks.
Firms need to take appropriate precautions that will help prevent cyber attacks. However, no defense is perfect, so there needs to be a plan in place to respond to and survive attacks. That includes backing up data, putting the necessary security mechanisms in place, and perhaps most importantly, educating employees about common cyber security risks, panel members agreed. Among the tips recommended by the FCC panel: