The CyberSecure My Business™ Review is a monthly newsletter for organizations highlighting recent headlines in cybersecurity news, resources and upcoming events.
Business Cybersecurity in the News
London Calling…U.K. Launches Cybersecurity Help Line for Small Businesses
The United Kingdom’s Information Commissioner’s Office is launching a phone service to guide small businesses and charities in preparing for the European Union General Data Protection Regulation (GDPR), which takes effect on May 25. This service joins a few others from the office for small businesses, including guidance documents on IT security, training and outsourcing. Reporter George R. Lynch discusses the help line and the U.S. Small Business Administration’s (SBA’s) recent outreach to local chambers of commerce, technology companies and banks to raise organizations’ awareness of the benefits of cybersecurity threat information sharing.
5 Ways to Improve Your Small Business Cybersecurity
An overwhelming majority – 87 percent – of small business owners say they do not think their organizations are at risk of being hacked, but a Keeper Security report shows that half of small businesses experience cyberattacks. Forbes contributor Mike Kappel discusses the cyber risks small businesses face and several ways they can improve their cybersecurity, including training employees, updating devices and securing wireless networks.
No Budget to Build an IT Staff? No Problem
Reporter Charles Cooper highlights that startups and small business “equal big targets of opportunity” for hackers, with half of small businesses in the U.S. suffering data breaches in the last year and one in three without basic cybersecurity protections in place. It’s critical to building consumer trust – and to overall business success – for startups and small organizations to prioritize security; Cooper shares guidelines for taking security measures on a budget, like prioritizing the most important assets and building policies and controls around that critical data, making sure network devices are only doing what they were acquired to do, regularly scanning for vulnerabilities and using a strong spam filter.
Here’s How Taking Cybersecurity Very Seriously Enhances Your Brand
“It is a scary time to do business,” says Entrepreneur guest writer Dan Kiely, citing the seemingly endless list of ways cybercriminals are attacking individuals, companies and governments. Thousands of cybercrime acts are committed each day, and nearly half of them target businesses; therefore, it’s important to adopt stronger security practices in order to build consumer trust. Kiely shares three key ways to “safely and successfully scale the trust of your customers”: taking control of updating company software; combating human error through prevention training, awareness programs, simplified reporting processes and internal testing; and continuously communicating with consumers about what the organization does to keep their information safe.
Uber Total Loss: 57 Million Records Stolen But Data Breach Was Hidden for a Year
In late November it was revealed that hackers had stolen the personal data of 57 million customers and drivers from Uber, part of “a massive breach that the company concealed for more than a year.” Following the disclosure, Uber fired its chief security officer and a deputy for the roles they played in keeping the breach “under wraps, which included a $100,000 payment to the attackers” to delete the information. This blog post from Stu Sjouwerman discusses how the breach occurred, Uber’s failure to disclose it in a timely manner, how the attack may result in more phishing attacks and what organizations can do to educate their employees and customers about protecting their accounts.
Next Cybersecurity Threats Will Include Machine Learning and More Malicious Ransomware
Small Business Trends
The McAfee Labs 2018 Threats Predictions Report suggests that cybercriminals have a few key trends in store for businesses in 2018, including cryptocurrencies, serverless apps and machine learning. Reporter Annie Pilon outlines some of these predictions in more detail, including that ransomware use will decline overall but the maliciousness of ransomware will increase, and emphasizes the importance of taking positive steps toward “shoring up on your cybersecurity efforts.”
Resources From Our Partners and Friends
- Michigan Small Business Development Center (SBDC) Cyber Security Awareness Program Report: Cyberattacks can devastate a small business. Data shows small businesses are increasingly the victims of such attacks as cybercriminals perceive them as easy targets. The Small Business, Big Threat cyber awareness program was developed to help small businesses understand the danger they face and the steps to protect themselves. Review the report and check out the program’s resources and expertise.
- SBA Learning Center – Cybersecurity for Small Businesses: This self-paced training exercise provides an introduction to securing information in a small business. Topics covered include defining cybersecurity, the importance of securing information through best cybersecurity practices, identifying the types of information that should be secured, identifying the types of cyber threats, defining risk management and best practices for guarding against cyber threats.
- Federal Trade Commission (FTC) Case Against Western Union: If you lost money to a scammer who had you pay using Western Union between Jan. 1, 2004, and Jan. 19, 2007, you can now file a claim to get your money back. The FTC shares two options for submitting your claim and background information on the case and answers key questions about the process.
CyberSecure My Business™ Workshop – Charlotte, NC
Tuesday, Dec. 12
9:00 a.m. – 12:00 p.m. (EST)
University of North Carolina at Charlotte
Popp Martin Student Union, Room 340
9201 University City Boulevard
Every business – large or small, for profit or nonprofit – holds data that has value. The best practices for protecting online accounts are the same for any type of organization. This workshop is designed to help all organizations better understand the threats they face and connect them with free resources to improve security.
Attendees will hear from experts about how to keep their online business data safe from cyber threats and what to do if they have fallen victim to cybercrime.
- Cindy Liebes, Director, Southeast Region, FTC
- Mike Arriola, Deputy District Director, North Carolina District Office, U.S. Small Business Administration (SBA)
- Marie Scholz, Staff Operations Specialist, Charlotte Division Cyber Squad, Federal Bureau of Investigation
- Rich Baich, Chief Information Security Officer, Wells Fargo
- Kristin Judge, Director of Special Projects and Government Affairs, NCSA
CyberSecure My Business™ Contributing Sponsor:
- Charlotte Regional Partnership
- The Institute
- Better Business Bureau
- The Women’s Business Center of Charlotte
CyberSecure My Business™ Webinar – Learn to Protect Key Assets and Data
Tuesday, Dec. 12
2:00-3:00 p.m. EST/11:00 a.m. – 12:00 p.m. PST
The National Cyber Security Alliance (NCSA) – as part of its CyberSecure My Business™ program – is hosting a webinar to help businesses learn how to protect key assets and data. Businesses of all sizes can learn to be safer and more secure online; learn about resources available to help you improve the cybersecurity of your business.
- Moderator: Kristin Judge, Director of Special Projects and Government Affairs, NCSA
- Colleen Huber, Director, Cyber Education Strategy, MediaPro
- Ryan Lambert, Senior Advisor, Office of Entrepreneurial Development, SBA
- Jeff Marron, IT Specialist, National Institute of Standards and Technology (NIST)
- Lisa Weintraub Schifferle, Attorney, Division of Consumer & Business Education, FTC
CyberSecure My Business™ Contributing Sponsor: