Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...
Small businesses are struggling to leverage limited resources to effectively contribute to U.S. public-private cyberthreat information programs, government officials said at an information sharing panel Oct. 31.
Cyberattacks don’t only affect the largest companies and government agencies, but are increasingly hitting small businesses, which often store employee, health, payment card, and other sensitive data. The Small Business Administration estimates that there are over 28 million small businesses—companies that employ less than 500 people—in the U.S. and that they employ over 50 percent of the U.S. workforce.
These smaller companies can offer valuable insight into everyday cybersecurity threat indicators that could slip through the cracks, but many aren’t sharing that information with the government, officials said at the International Information Sharing Conference.
Private sector companies, no matter the size, “are the eyes and ears” for U.S. cyberthreats, Marcus Joachim, supervisory special agent in the FBI’s office of private sector, said.
Small businesses often don’t have the necessary resources and technical know-how to adequately protect against cyberattacks, Reggie McKinney, program director of the Department of Homeland Security’s C3 voluntary cybersecurity threat program, said.
Even with limited resources and cybersecurity knowledge, small businesses can enter the cyberthreat information sharing world by working with industry groups and government officials.
These industry sector groups, often called information sharing and analysis centers (ISACs) or organizations (ISAOs), generally have low-barriers for a company to join and offer the assistance of seasoned cybersecurity professionals without having to hire a full security team, McKinney said.
The government has also increased its cybersecurity direct outreach efforts.
The Small Business Administration has been reaching out to local chambers of commerce, technology vendors, and banks that serve small businesses to raise cybersecurity threat sharing awareness, Jack Bienko, SBA deputy director for entrepreneurship education, said at the panel.
The government wants companies of all sizes to share actionable cyberthreat data.
The U.S. government public-private threat information sharing system is important to help expose “malicious cyber activities,” Jeanette Manfra, DHS assistant secretary for cybersecurity, said in an Oct. 31 statement.
The House Oct. 11 passed a bill that would provide cybersecurity guidance to the nation’s millions of small businesses, which are frequent targets of cyberattacks. The measure would require the Department of Commerce’s National Institute of Standards and Technology to create small business cybersecurity voluntary guidelines. The Senate passed a similar bill Sept. 28.
To contact the reporter on this story: Daniel R. Stoller in Washington at firstname.lastname@example.org
To contact the editor responsible for this story: Donald Aplin at email@example.com
Copyright © 2017 The Bureau of National Affairs, Inc. All Rights Reserved.
All Bloomberg BNA treatises are available on standing order, which ensures you will always receive the most current edition of the book or supplement of the title you have ordered from Bloomberg BNA’s book division. As soon as a new supplement or edition is published (usually annually) for a title you’ve previously purchased and requested to be placed on standing order, we’ll ship it to you to review for 30 days without any obligation. During this period, you can either (a) honor the invoice and receive a 5% discount (in addition to any other discounts you may qualify for) off the then-current price of the update, plus shipping and handling or (b) return the book(s), in which case, your invoice will be cancelled upon receipt of the book(s). Call us for a prepaid UPS label for your return. It’s as simple and easy as that. Most importantly, standing orders mean you will never have to worry about the timeliness of the information you’re relying on. And, you may discontinue standing orders at any time by contacting us at 1.800.960.1220 or by sending an email to firstname.lastname@example.org.
Put me on standing order at a 5% discount off list price of all future updates, in addition to any other discounts I may quality for. (Returnable within 30 days.)
Notify me when updates are available (No standing order will be created).
This Bloomberg BNA report is available on standing order, which ensures you will all receive the latest edition. This report is updated annually and we will send you the latest edition once it has been published. By signing up for standing order you will never have to worry about the timeliness of the information you need. And, you may discontinue standing orders at any time by contacting us at 1.800.372.1033, option 5, or by sending us an email to email@example.com.
Put me on standing order
Notify me when new releases are available (no standing order will be created)