In a move designed to heighten the awareness of U.S. small and medium businesses (SMBs) to the issues surrounding cybersecurity and help them develop appropriate defenses, the Federal Communications Commission (FCC) announced on Monday, October 24th, that it will release a Small Biz Cyber Planner in November. The FCC developed the free online tool in conjunction with the DHS, the U.S. Chamber of Congress, and several commercial firms. Citing a new study by Symantec and the National Cyber Security Alliance (NCSA) that shows only 52% of SMBs have a security strategy in place and 40% do not have a data breach plan in place, FCC Chairman Julius Genachowski stated that “hiring cybersecurity experts is costly” and that the tool would be valuable “for businesses that lack the resources to hire a dedicated staff member to protect themselves from cyberthreats.”
Mr. Genachowski noted in his prepared remarks that small businesses are “key drivers of innovation, economic growth and job creation…[and] rely on broadband and communications technology to drive this success.” As a result, those entities can be targets for cybercriminals. Symantec data shows that sophisticated attackers have launched targeted attacks against companies with less than 500 employees more than any other type of company. In fact, the ingenuity of SMBs that has often led to the development of some very valuable intellectual property makes those companies even more attractive to cybercriminals.
Although some commentators claim that employee training has limited value, such training in a SMB could mean the difference between a catastrophic loss and a mere nuisance. Accordingly, Mr. Genachowski explained the importance of training employees on fundamental protection mechanisms. The proactive focus of such training should help reduce the likelihood of the SMB having to be reactive and needing to respond to a data breach situation in the future.
Finally, the FCC has released a two-page summary about the Small Biz Cyber Planner. The summary includes further data from the Symantec/NCSA study and provides details why broadband is important for SMBs. It finishes with a discussion of how SMBs need to protect against growing cybersecurity threats.
Cybersecurity continues to be a difficult issue for enterprises to handle adequately. Diminishing budgets coupled with increased pressure to produce mean that every area of a business undergoes careful scrutiny. Having to do even more with even less means that the Small Biz Cyber Planner should become a valuable asset for SMBs. We will cover it further when it comes out in November.