No Easy Fix For SME Cybersecurity

Uploaded on 2017-04-03 in NEWS-News Analysis, GOVERNMENT-Law Enforcement, FREE TO VIEW

Small and medium sized businesses are frequent targets for cyber-attacks and their results can be devastating, but there’s no quick fix, advocates told lawmakers during a recent hearing.

There’s no uniform standard these businesses can adopt to ensure they won’t suffer a cyber breach, denial-of-service or ransomware attack or to ensure they won’t be pummeled with financial losses and lawsuits when they do.

Even when small companies want to protect themselves, they often don’t know where to turn for help. Or they may lack the financial resources for security that goes beyond basic antivirus protection and making sure their systems are reliably patched.

“The average business owner is what we call trapped in a whirlwind,” Charles Rowe, president of America’s Small Business Development Centers, a trade association, testified before the US House Small Business Committee. “They’ve got 5,000 things to worry about, and sometimes this is not the wolf closest to the sled.”

Rowe advocated during the hearing for an interagency committee designed to help companies adopt cyber-security best practices, similar to the Trade Promotion Coordinating Committee, which was created to aid exporters.

Jim Mooney, cyber-security chair of the National Association of Federally-Insured Credit Unions, urged the government to develop national cyber-security standards for companies similar to those currently required for banks and other financial firms under the Gramm Leach Bliley legislations.

Those standards should focus on providing “flexibility, scalability and risk-based assessments,” he said.

Companies are notoriously wary of new regulations, however, and cyber threats often move too fast for firm regulations to keep up.

Companies not bound by specific regulation are currently required to take “reasonable steps” to protect customer data, according to the Federal Trade Commission.

That vague standard, however, can be concerning for companies, Rowe said.

“What’s reasonable is shifting all the time and it’s hard to tell if you’re a small business where the bar has moved to,” he said.

NextGov

Directors Report January 2017. Cyber Security Checklist For Management (£):

Company Boards Need To Get A Grip:

Cost of Data Breaches Will Keep On Getting Higher:

 

« Wikileaks Vault 7 And The CIA Hacking Arsenal
Would Killing Bitcoin End Ransomware? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

International Security Management Association (ISMA)

International Security Management Association (ISMA)

ISMA is an international security association of senior security executives from major business organizations located worldwide.

FaceFirst

FaceFirst

FaceFirst provide face recognition technology solutions to detect and deter real time threats,

Awen Collective

Awen Collective

Awen Collective develops software-based tools for performing Digital Forensics, Incident Response and Cyber-Crime Investigation.

CyberArrow

CyberArrow

CyberArrow (formerly EBDAA) is a consultancy company providing high quality consultancy services in Risk & Compliance and Awareness & Education.

GraVoc

GraVoc

GraVoc is a technology-consulting firm committed to solving business problems for customers through the development, implementation, & support of technology-based solutions.

Hornetsecurity

Hornetsecurity

Meet Hornetsecurity – Leading Cloud Email Security Provider. We protect global organizations so you can focus on what you do best.

Sky Data Vault

Sky Data Vault

Sky Data Vault provide the simplest and most cost effective method of Disaster Recovery / Business Continuity for mission critical systems and applications.

Plexal

Plexal

Plexal is East London's innovation centre and co-working space. We offer startups flexible memberships, giving them access to office space plus all the benefits and support they need to scale.

EVOKE

EVOKE

EVOKE is an award-winning Digital Transformation company that partners with its clients to build digital workplace solutions for organizational challenges.

Neptune Cyber

Neptune Cyber

Neptune is a cyber security company that works exclusively in the marine sector. Our team combines experts in shipbuilding, maintenance and operations and cyber security testing and design.

West Midlands Cyber Resilience Centre (WMCRC)

West Midlands Cyber Resilience Centre (WMCRC)

The East Midlands Cyber Resilience Centre supports and helps protect SMEs and supply chain businesses and third sector organisations in the region against cyber crime.

11:11 Systems

11:11 Systems

11:11 Systems synchronizes every aspect of network services for your business. Build your network with the industry’s most trusted expert skills.

Redbot Security

Redbot Security

Redbot Security provides industry leading manual penetration testing. Protecting critical systems and data - red team attack and breach simulations, (OT) critical infrastructure testing.

Avalor

Avalor

Avalor are on a mission to help security teams make faster, more accurate decisions by making sense of their data. With Avalor you can bring in data from anywhere, normalize it and analyze it.

Netcraft

Netcraft

Netcraft is a global leader in cybercrime detection and disruption, combining cutting-edge technology with decades of experience to protect organizations of all sizes from digital threats and attacks.

Intertec Systems

Intertec Systems

Intertec Systems is an award-winning, global IT solutions and services provider that specializes in digital transformation, cybersecurity, sustainability, and cloud services.