We just celebrated President’s Day. Folklore has it that during the American Revolution, George Washington was approached by an enquiring member of the press who asked: “George! George! What keeps you up at night?”
2018 brought a lot of change to small business. In the wake of many new cybersecurity threats and breaches, the National Institute of Standards and Technology (NIST) Small Business Cybersecurity Act was passed into law in August 2018, and it requires NIST to provide cybersecurity resources to small and medium-sized businesses (SMBs) to help protect them against future problems.
The growing threat of cyberattacks is a huge cause for concern. According to some of the country’s foremost intelligence experts, the U.S. may encounter a massive cyberattack on the horizon. An attack of this scale is predicted to cause damage comparable to a Category 5 hurricane, where everything from vehicles to pacemakers could be compromised. The country needs to be ready – and not just the public sector. Private businesses, regardless of size, would be taking an extreme risk if the necessary precautions are not put into place.
Small and mid-sized businesses (SMBs) face unique challenges when choosing a security solution. While large businesses enjoy entire departments devoted to addressing the many facets of security – video surveillance cameras, video management, access control, network infrastructure – SMBs have limited resources to help them select and maintain a security solution.
Bob Kolasky, acting assistant secretary for infrastructure protection at the Department of Homeland Security’s National Protection and Programs Directorate, has been named director of the National Risk Management Center (NRMC), reported Meritalk.
Phishing emails remain the number one delivery mechanism for ransomware. The ransomware attack on the Lansing Board of Water and Light in Michigan, which forced the utility to shut down its accounting system, email service and phone lines, succeeded because a single employee opened an attachment to a phishing email.
ON DEMAND: You spend countless hours assessing your vendors, stuck in spreadsheets, trying to sift through last year’s emails to find the right vendor contact and the most up-to-date questionnaire. And when assessments are finally completed (which can take months), you still need to review and validate the answers, as well as mitigate any identified risks.