![]() ![]() I strongly encourage all small businesses to use these tools today to keep the cybercriminals out and their operations on track.” Other governments offering cyber help for SMBs That’s why the NCSC has created the Cyber Action Plan and Check Your Cyber Security to help them boost their online defenses in a matter of minutes. Lindy Cameron, NCSC CEO, noted that while small businesses are the backbone of the UK economy, “we know that cybercriminals continue to view them as targets. The results are analyzed immediately, and the user is given a “personalized action plan” that the business can do right now to heighten its cybersecurity posture as their takeaway. The assessment walks the user through a basic cyber hygiene survey. The online assessment normally takes between three-to-five minutes to complete. The UK’s National Cybersecurity Centre (NCSC) offers its own cyber action plan, which includes a free assessment for small organizations. UK help for small and medium-sized businesses Topics addressed by CISA for the SMBs include securing supply chains and assessing vendors and vendor security posture. Couple this with the plethora of resources provided by the Cybersecurity and Infrastructure Security Agency (CISA) and every SMB has a healthy slate of resources to advance their knowledge considerably. The NIST COI initiative is designed to get SMBs into the mix and to bring to the forefront resources so they may become cybersecurity aware and hardened. Beyond benefiting the NCCoE and its participants, this new community of interest promises to improve the return on all of NIST’s investments in cybersecurity research, standards, guidelines, and practices.” At the inaugural community of interest event in March 2023, US Deputy Secretary of Commerce Don Graves commented that: “This initiative will help to make sure that NIST’s guidance is both meaningful and practical for smaller companies and other organizations to put into use. The NCCoE, established in 2012, provides businesses with practical information on securing their information technology. The United States has created a “ Small Business Cybersecurity Community of Interest” (COI) within the rubric of the National Cybersecurity Center of Excellence (NCCoE). US help for small and medium-sized businesses Recent United States and United Kingdom government efforts are timely and readily available to address shortcomings and bring resources to the table for the SMB. ![]() There’s more government help available for SMBs than might be immediately apparent. Small business operators should be aware that regulatory regimes are also for their protection, not just the big guys - regimes such as GDPR and the European Data Act (EDA), which details data ownership and “gives individuals and businesses more control over their data through a reinforced data portability right, copying or transferring data easily from across different services, where the data are generated through smart objects, machines, and devices.” That’s just smart practice for any business, and why many countries are looking to keep tabs on where data comes from, regulate what data should be protected, and in some cases determine how it should be treated. From the point of view of a Europe-headquartered entity, he further recommended that companies put in place the ability to verify the provenance of their data. SMBs must start somewhere, and the first step is to implement multifactor authentication everywhere, Gerhardt said. This sound advice was echoed by Utimaco CTO Nils Gerhardt, who availed himself to be interviewed during the same RSA Conference. Ensure all network access is role-based - no one who doesn’t need to see a system should be able to touch it (again, with access granted through MFA).Implement multifactor authentication (MFA) everywhere possible.Maintain visibility into your network - if an SMB has one, then it is incumbent upon administrators to know every item touching the network.He spoke pragmatically about the situation small companies find themselves in and suggested the following low-cost, high-return fundamental strategies (along with the basic rubric of don’t defer, get the car moving, and revise as you are able): The advice from industry and government to SMBs is united in this regard and aligns with the Chinese proverb: “The best time to plant a tree was 20 years ago the second-best time is today.”Īt the recent RSA Conference, I had the occasion to speak with Candid Wüest, vice president of cyber protection and research at Acronis, about cybersecurity for the SMB and how a resource-strapped entity should be looking to protect themselves. If you haven’t already, start thinking about security nowĪctually, there are plenty of reasons to start thinking about cybersecurity right now.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |