The CyberSecure My Business™ Review is a monthly newsletter for organizations highlighting recent headlines in cybersecurity news, resources and upcoming events.
Business Cybersecurity in the News
FICO-Like Cybersecurity Scores Are Imminent: What Do They Mean for Your Business?
All businesses use data to measure their progress and assess their strengths and weaknesses. Mark Kuhr, co-founder and chief technology officer of Synack, argues that it’s only a matter of time before there will be a unified rating system for evaluating cybersecurity just as there are for other business areas. Kuhr suggests a few key things for businesses to consider when examining their security postures: knowing “where your risk is coming from” and understanding your data, staying on the offensive and leveraging outside resources for security.
House Approves Bill to Bolster Small Business Cybersecurity
The U.S. House of Representatives recently approved legislation that would require the National Institute of Standards and Technology (NIST) to produce and disseminate resources to help small businesses with cybersecurity. According to reporter Morgan Chalfant, the NIST Small Business Cybersecurity Act of 2017 would “direct NIST in coordination with other federal entities to offer additional resources to small businesses that choose to use its cybersecurity framework [including] guidelines, tools and best practices” to help them manage cyber risks.
Understand Your Risk, Then Invest in Your Small Business Cybersecurity Plan
Small Business Trends
The Better Business Bureau (BBB) recently released a report – “The State of Small Business Cybersecurity in North America” – coinciding with National Cyber Security Awareness Month. The report, whose respondents represented about 1,100 businesses, indicates that the average annual loss from cyberattacks is $79,841. Bill Fanelli, BBB’s chief security officer, encourages organizations to invest in cybersecurity – without going overboard – and shares a five-step process for determining how much is appropriate to spend on safeguarding the company against cyberattacks.
Businesses Beware: Researchers Spot Bug in Wi-Fi Network Encryption
A new Federal Trade Commission (FTC) blog post discusses a new bug that “lets attackers ‘break’ WPA2 – the encryption that protects most wireless networks – leaving data you send exposed.” Fortunately, using a security update or patch can help fix the issue. This post also highlights key tips for protecting your sensitive information and security online.
Cybersecurity Needs to Be a Day One Priority for All Startups
When asked, “When should startups start thinking about cybersecurity?”, Bernie Klinder, serial entrepreneur, investor and consultant, says “from day one.” As technology advances, it becomes more critical to consider security at the beginning of a business strategy, rather than developing the business plan first. Klinder walks readers through a scenario in which a startup is targeted by ransomware attacks and database breaches and fails as a result; he stresses that “the vulnerability to your business starts as soon as you have an email address” and emphasizes the importance of building security in to businesses from the start.
Shark Tank’s Robert Herjavec: Cybersecurity at Work Is Everyone’s Responsibility
TechRepublic reporter Conner Forrest features an interview with Robert Herjavec, star of ABC’s Shark Tank and founder of cybersecurity firm Herjavec Group, sharing Herjavec’s insights about cybersecurity in the workplace. According to Herjavec, humans are the “weakest link in an organization’s system.” Forrest highlights Herjavec’s recommendations for phishing education at work, tailoring cybersecurity messages to different audiences across the organization and preparing front-line security professionals to deal with emerging threats.
The Cyber Security Skills Your Business Needs
The demand for cybersecurity professionals continues to grow, along with the number of unfilled cybersecurity positions; according to Intel Security, the cybersecurity skills gap is set to grow between one and two million positions by 2019. Organizations depend on having skilled cybersecurity workers, and careers in this field can be rewarding and bring a number of benefits. ITPro reporter Jane McCallion discusses the top skill areas for working in the cybersecurity field, including network security, risk management, patching and software management, big data analysis, non-technical skills and governance.
Resources From Our Partners and Friends
- Stick With Security – Resources for Your Business: The FTC’s Stick With Security blog series dives deeper into data security by focusing on lessons learned from recent cases, insights from closed investigations and the questions the FTC has received from businesses. This post highlights some of the many resources available on the FTC’s Data Security page – information on its cases, brochures for businesses and specific business audiences, videos, resources for small businesses and more blog posts.
CyberSecure My Business Webinar – Learn to Identify Key Assets and Data
Tuesday, Nov. 14
2:00-3:00 p.m. EST/11:00 a.m. – 12:00 p.m. PST
The National Cyber Security Alliance (NCSA) – as part of its CyberSecure My Business™ program – is hosting a webinar to help businesses learn how to identify key assets and data. What data and technology do you have that has value to others? Learn about resources available to help you improve the cybersecurity of your business.
- Moderator: Kristin Judge, Director of Special Projects, NCSA
- Andrea V. Arias, Attorney, Division of Privacy and Identity Protection, Bureau of Consumer Protection, FTC
- Lana Davenport, Risk Management and Mitigation, Information Security, FedEx Services
- Jeff Marron, IT Specialist – Security, National Institute of Standards and Technology (NIST)
- Reggie McKinney, Program Director, C3 Voluntary Program, U.S. Department of Homeland Security
- Zara Smith, Strategic Programs Manager, Michigan Small Business Development Center
CyberSecure My Business™ Contributing Sponsor:
- Small Business, Big Threat