The House Small Business Committee released this information on March 7, 2017. It reinforces what we have been warning our clients, whether they are business owners or private individuals. Since we personally see the devastation of cybercrime every day, we reiterate the need for you to install Cylance, to help protect you from ransomware and malware and use redundant data backup.
Please read this government report to learn how they are approaching cybersecurity. Be diligent in how you use technology. We are here to assist you in any way we may. – Jinx Davis, Millennium Group
WASHINGTON – Experts told the House Small Business Committee today that the federal government must do a better job coordinating federal resources to protect America’s 28 million small businesses from growing and varied cybersecurity threats.
“A cyberattack can have serious consequences, not only for small businesses, but also their customers, employees, and business partners,” said Chairman Chabot. “Sixty percent of small businesses that fall victim to a cyberattack close up shop within six months. A 2014 survey from the National Small Business Association estimated the average cost of a cyber attack on a small business to be over $32,000.”
“In our Committee’s efforts to spotlight these serious and growing threats, it has been abundantly clear that the federal government needs to step up its game when it comes to protecting the cybersecurity of small businesses and individuals. And, to some extent, federal agencies have begun offering resources directly to small businesses in recent years,” added Chabot.
According to a report from Verizon, 71 percent of cyber attacks occurred in businesses with fewer than 100 employees in 2012.
A DEVASTATING EFFECT ON SMALL BUSINESSES
“When implementing new technologies, small businesses need to fully understand all of the potential security risks created by connecting to the Internet,” said Chuck Romine, Ph.D., Director of the Information Technology Lab at the National Institute of Standards and Technology (NIST). “The risks to systems are so complex and pervasive that one cannot reasonably expect small businesses to be experts in all areas of security, including properly implementing security controls for complex system configurations and assessing security features associated with new and emerging technology. Cybersecurity incidents can have a devastating effect on small businesses—60% of small companies will close within six months following a cyber attack.”
THE FTC WEIGHS IN
“Reports of data breaches affecting millions of American consumers have become commonplace,” testified Maureen K. Ohlhausen, the Acting Chairman of the Federal Trade Commission (FTC). “Data is an increasingly vital asset for every business, including small businesses, and as companies collect more personal information from consumers, the databases they create become more attractive targets for criminals. Hackers and others seek to exploit vulnerabilities, obtain unauthorized access to consumers’ sensitive information, and potentially misuse it in ways that can cause serious harm to consumers and businesses.”
SBDCs CAN HELP
“If a small business has any Fortune 500 companies as customers, they are an even more enticing target,” explained Charles “Tee” Rowe, the President & CEO of America’s Small Business Development Centers (SBDCs). “These secondary attacks are now a regular problem for small businesses. Small businesses are particularly vulnerable to email attacks mimicking their banks or other trusted institutions and citing an urgent need for account or some other vital information, and often multiple employees have access to that information. Further, business accounts do not enjoy the same protection against loss as consumer accounts—something many small business owners do not discover until it’s too late.”
- Yesterday, Chairman Chabot made a statement on the announcement that a Chinese cellphone equipment manufacturer had plead guilty and agreed to pay a nearly $1 billion settlement to the U.S. government for violated sanctions on Iran.
- The House Small Business Committee held several major hearings throughout the 114th Congress on foreign cyber threats to U.S. small businesses where expert witnesses identified foreign telecommunications companies as a major area of concern.
- Cybersecurity is a key focus of the House GOP’s A Better Way to Keep Us Safe and Free. On page 23, it states: “The United States needs a more comprehensive approach to sharing information on cyber threats. Today, since most networks are interconnected, weaknesses in security can create significant vulnerabilities in both civilian and government infrastructure. Likewise, information that is valuable to one network defender is helpful to all network defenders—and must be shared. Although some private-sector actors may be reluctant to share cyber threat information, government and industry have a common goal: to prevent cyber criminals and cyber terrorists from disrupting commerce, disabling critical infrastructure, and weakening national defense.”
- Last year, the House passed the Improving Small Business Cyber Security Act which helps small businesses facing cyber threats by providing access to additional tools and resources through existing federal cyber resources. The bill became law as part of the National Defense Authorization Act of 2017. The Department of Homeland Security (DHS) and other federal agencies have been permitted to work through Small Business Development Centers (or SBDCs) to streamline cyber support and resources for small businesses.