top of page
Search

Day 18 - May 18 - Cybersecurity Concerns of Small Business

  • Elizabeth Rasnick
  • May 19, 2023
  • 2 min read

ree

Yesterday, I attended the SANS Small Business Cybersecurity Summit. I participated because small businesses hold a special place in my heart. Many of my family and friends have or are small business owners. Through witnessing their work, I have become aware of many of their struggles, cybersecurity among them. I see three key elements of cybersecurity for small businesses.


The first is the mysterious and overwhelming nature of cybersecurity. Much like computers seemed like the great unknown in the 1980’s, cyberspace does now. This sense of the unknown causes people to fear aspects of it. There is also so much going on within cyberspace that it often makes people feel they will be safe if they hide in ignorance of it. Think of the ostrich burying its head in the sand.


The second is the skill set needed to navigate cybersecurity. While small business owners and employees are used to filling many roles in their day-to-day work, they are limited to doing what they know or can figure out on the fly. Cybersecurity is, generally, neither of these. Many small businesses still do not even have websites, forget a formal incident response plan.

And the third is the seeming lack of resources for small business cybersecurity issues. Let’s imagine a small business has a person who is comfortable with getting things done inline and has some cybersecurity awareness skills. How will this person know what an acceptable user policy should look like for their business? What about the BYOD policy? What is the plan when a ransomware attack hits?

The Small Business Development Center (SBDC) is a great resource for some of these needs. Cybersecurity training organizations like SANS offer programs specifically for small businesses. The Cyber Readiness Institute has a load of resources for small business owners including a starter kit. Their starter kit breaks cybersecurity readiness down into four core cyber issues: passwords, software updates, phishing, and secure storage & sharing. This approach does not seem so formidable. They also offer consultations to help small business owners review their new cybersecurity plans. It’s a wonderful free resource for business owners. It includes identifying and training a cybersecurity leader within each small business. That simple act means everyone knows who to contact if they run into a problem, like a suspicious email or an odd looking link.

Note: Please don’t take this post as an advertisement for SANS or any other organization. They happen to have hosted the event I attended yesterday. There will be other organizations mentioned in later posts.

 
 
 

Comments

bottom of page