This past week was National Small Business Week. There are more than 30 million small businesses in the United States. Two out of every three new jobs are created by a small business. Small business is the engine of our national economy.
This year, the National Cybersecurity Alliance co-sponsored National Small Business Week to bring more attention to the unprecedented risk small businesses face today. We are all familiar with the large data breaches at companies like Target, Equifax and others. We don’t often hear about breaches that happen to small businesses.
By co-sponsoring National Small Business Week, the National Cybersecurity Alliance is hoping to bring more attention to, and resources for, small businesses. Small businesses, by their very nature, will not have the internal resources to address the ever-evolving cybersecurity threats they face. In fact, most will experience a cybersecurity event and not know it even happened.
For small businesses that hold confidential and/or valuable information about individuals or products and services, a breach could be devastating. Many small businesses don’t expect to be able to recover from a cyberattack and assume one could put them out of business.
The National Cybersecurity Alliance recommends that all businesses follow the NIST Cybersecurity Framework. This is a voluntary framework that defines the five key areas of a good cybersecurity posture for businesses of all sizes. I endorse this framework as well, as I feel it sets a de facto standard by which all businesses can be sure they are taking the necessary steps to ensure they have done all they can to protect themselves.
Given that the cost of the average data breach is approaching $4 dollars, it’s clear that if you do not take these steps to protect yourself, your business, and perhaps your livelihood, could be wiped out by just one breach.
The five pillars of the Cybersecurity Framework are identify, protect, detect, respond and recover. You can visit www.nist.gov/cyberframework to learn more and explore resources to help you build your cybersecurity plan.
Identify is all about knowing what you have. This includes not just your physical assets like computers, servers, mobile phones and tablets but also what data you have. When it comes to data, you want a clear understanding of which data you hold may be at risk of breach. It could be intellectual property or it could be sensitive personal information about your clients.
Protect means protecting your network. This encompasses everything from having proper perimeter security, firewalls, anti-virus software and more. It also includes strategies like least-privilege access: giving each user only the minimum level of access necessary to do their job.
Detect encompasses technologies and services you deploy to monitor your entire network from the inside and outside. Many organizations are deploying intrusion detection and prevention systems to actively monitor for unauthorized attempts to penetrate their networks.
Respond is all about how you respond to a cyber incident. Make sure you have a clear plan for how to communicate any cybersecurity incident to your staff, clients, business partners and others. Communication is a critical part of any plan. Response also dictates how you respond technically, to isolate and investigate the event.
Recover encompasses restoring data in the event of loss or corruption. This may also include rebuilding elements of your network. Communication remains key during this phase, as you need to keep all stakeholders informed of your progress and when you will restore normal business operations.
These brief descriptions of the five elements of the NIST Cybersecurity Framework are exactly that: brief. They are not all-encompassing and are only a glimpse into what goes into an effective cybersecurity plan. If your organization already has a plan, be sure you review and update it at least annually. If you do not have a cybersecurity plan, get one in place as soon as possible. The last thing you want is to need a plan and not have it.