The National Cyber Security Alliance recently released a new study with some startling numbers concerning small businesses and the threat of data loss, security breach, or cyber attack. Some of the key numbers obtained from polling small business owners include:
- 65% store customer information on computer systems
- 43% store financial records
- 33% store credit card information
- 86% do not have anyone focused on system security
- 11% of owners never check their computer security systems.
- 75% use the internet to communicate with customers
- 28% have formal internet security policies
What do these numbers suggest? Deborah Cohen, who covers small business for Reuters.com, published an article following release of the study and “confirmed that small businesses are among the most vulnerable to Internet crime. . .” She quoted Michael Kaiser, executive director of the National Cyber Security Alliance, who noted that “small businesses are pretty robust targets” for cyber attacks citing the lack of Internet protocol and employee training. Cohen’s article also offers some tips from Kaiser for small businesses to help confront cyber attacks.
If you are looking for some guidance or help with cyber security, read here for some of my earlier posts. If you are looking for a do-it-yourself placer to start, try the U.S. Chamber of Commerce. The Chamber offers a great resource entitled“Common Sense Guide to Cyber Security for Small Businesses.” It’s a 12 step plan to increase cyber security. Here are some highlights:
· Use strong passwords and change them regularly
· Watch for strange email attachments
· Install computer security software and network security
· Keep software updated
· Limit access to sensitive and confidential data
· Establish and follow security plan
· Maintain insurance coverage
The threat of data loss or security breach is not going away, but will only increase. Lawsuits concerning data loss and security breach are more frequent. Business owners need to stay on top of the threat by implementing a sound data loss and privacy plan. There is no one size fits all approach and every business will have its own risk exposures. If you are a business owner, consider having your business evaluated for risks of cyber attack or data loss.
N. Kane Bennett
I am the managing partner of Aeton Law Partners LLP and have been an attorney in practice for over 24 years. My law practice includes representation of individuals and businesses in a range of matters such as breach of contract, business disputes, trade and commerce, technology, and employment.
Related Posts
September 23, 2009
The Connecticut Privacy Forum Highlights Very Real Risks For Businesses
0 Comments2 Minutes
Kane,
This is a very timely article. Massachusetts recently passed some identity theft regulations for small business, and we are encouraging our CT clients to use the checklist as well to mitigate risks. A copy of the checklist can be obtained here: http://bit.ly/MAidtheftchecklist
We can help small business owners identify areas of risk: http://bit.ly/NetworkHealthReview
Businesses often do nothing because they feel they can’t do enough to make a difference. However, many of the steps that can be taken are simple and little to no cost. The first step is identifying what you CAN do.