Congress addresses cyberwar on small business: 14 million hacked over last 12 months
A new bill advanced by the U.S. Senate – the Main Street Cybersecurity Act – calls the National Institute of Standards and Technology (NIST) to create resources and guidelines for small businesses on preparing for and fighting cyber attacks. Reporter Andrew Zaleski discusses the potential implications of the bill and the growing data breach threats small businesses face in the U.S., which could be “especially susceptible to phishing attacks via email or fraudulent activity…in their e-commerce shops.” Zaleski also speaks with security experts about small business cyber threats and what businesses can do to protect themselves, including performing regular backups and software updates, enabling strong authentication, creating stronger passwords and installing antivirus software.
Cyber breaches have cost shareholders billions since 2013: report
A recent study by CGI and Oxford Economics shows that severe cybersecurity breaches –“such as those having legal or regulatory consequences, [involving] the loss of hundreds of thousands of records and hurt the firm’s brand” – permanently damage companies’ share prices by 1.8 percent on average. The study, which examined 65 companies impacted by breaches since 2013, found that an investor in one of these firms would be “worse off” by $120 million+ on average, with the overall cost to shareholders of these companies “in excess of 42 billion pounds ($52.40 billion).” This piece, originally published by Reuters, discusses these and other study results.
The Three ‘B’s’ of Cybersecurity for Small Business
Cyber breaches are increasingly happening to not just large companies but also small businesses. In fact, in the last year, half of American small businesses were breached, with damages including stolen W-2 forms and fraudulent wire transfers. Reporter Scott Shackelford recommends following three “B’s” of cybersecurity: be aware, be organized and be proactive. He explains what’s involved in each “B” and shares resources, such as the NIST Cybersecurity Framework, and other tips for small businesses to follow in preparing for and mitigating cyber attacks.
The Cost of a Cyber Breach – How Much Your Company Should Budget
Forbes reporter Christopher P. Skroupa features an interview with Ariel Evans, an American Israeli cybersecurity expert, entrepreneur and business developer. Evans shares insights on the major areas of growth in cybersecurity – “cyber risk, cyber insurance and IoT security,” the need for boards and executives at organizations to protect critical assets and fight cyber threats, some of the security tools organizations have in place and their effectiveness, the fast-growing world of cyber insurance and the increased cyber risks brought on by the growing IoT and cloud and mobile technologies.
Systemic cybersecurity crisis looms
Network World opinion writer Sean Cassidy argues that as the number of cyber attacks and data breaches continues to grow, the perception that cybersecurity is too costly and organizations’ habit of implementing “bare minimum security measures” could be “paving the way for a systemic cybersecurity crisis.” He also mentions that when security vendors market their products as cybersecurity cure-alls, they may be harming organizations by tricking them in to thinking they do not need to do anything else to mitigate cyber threats. Cassidy says cybersecurity should be “an ongoing initiative that impacts the entirety of an organization, not just the IT department.” He shares ideas for building a strong cybersecurity plan and promoting a culture of cybersecurity across an organization.
House staffers to get training on social media, email security
On April 26, the National Cyber Security Alliance (NCSA) launched an initiative to train elected officials and their staff to protect their email and social media accounts. The Lock Down Your Login campaign kicked off with an event on Capitol Hill and will involve NCSA meeting with officials from the city council level and up through the federal government to help them combat cybercrime. For more information about the initiative, visit https://www.lockdownyourlogin.org/.