Small businesses are more dependent on the Internet than ever before, but 83 percent don’t have a formal cybersecurity plan to protect against cyber threats [1] As larger companies improve cyber defenses, American small businesses are becoming more vulnerable targets. According to Symantec, they were subject to hundreds of millions of cyber threats in just the first few months of 2012.[2] A typical cyber-attack that infiltrates a small business can cost, on average, close to $200,000 – enough to put many of them out of business.[3]
This week, the FCC is re-launching the Small Biz Cyber Planner 2.0, an online resource to help small businesses create customized cybersecurity plans. Originally launched in October 2011, it is the result of an unprecedented public-private partnership between government experts and private IT and security companies, including DHS, NCSA, NIST, The U.S. Chamber of Commerce, The Chertoff Group, Symantec, Sophos, Visa, Microsoft, HP, McAfee, The Identity Theft Council, ADP and others.
The Cyber Planner 2.0 features new details about cyber insurance to mitigate interruptions to business and financial loss from cyber-attacks, best practices on spyware, including how to avoid advanced versions of spyware and what immediate steps to take in case of infection, and recommendations to install new software systems that enable remote cleaning and tracking of laptops and mobile devices in the case of theft. The FCC is also releasing an updated one page Cybersecurity Tip Sheet. The quick resource features new tips on creating a mobile device action plan and on payment and credit card security.
Small businesses are a driving force on our economy. As they continue to leverage broadband technology, including smartphones, mobile payments, and the cloud, they must increase security and follow best practices so that they can continue to run efficiently.
The Small Biz Cyber Planner will be of particular value for businesses that lack the resources to hire a dedicated staff member to protect themselves from cyber threats. The tool will walk users through a series of questions to determine what cybersecurity strategies should be included in the planning guide, and generate a customized PDF that will serve as a cybersecurity strategy template.
The FCC, working with government and the private sector, is committed to furthering the message of the national cybersecurity awareness campaign. We must all Stop. Think. Connect. and together we can strengthen U.S. small businesses and ensure they remain a vibrant engine of the nation’s economy.
[1] 2012 NCSA/Symantec Small Business Study, Oct. 2012: http://www.staysafeonline.org/stay-safe-online/resources/. 87 percent of SMBs do not have a formal written Internet security policy for employees, while 69 percent do not even have an informal Internet security policy.
[2] Symantec Press Release, Oct. 15, 2012. Almost 40 percent of the over 1 billion cyberattacks Symantec prevented in the first three months of 2012 targeted companies with less than 500 employees.
[3] Symantec Global SMB Information Protection Survey, Jun. 2010: http://www.symantec.com/about/news/release/article.jsp?prid=20100621_01.
