Small businesses face the same cybersecurity risks as large multinationals but lack a large IT infrastructure to help protect themselves. At the direction of former Federal Trade Commission (FTC) Acting Chairman Maureen Ohlhausen, the FTC launched a new cybersecurity campaign aimed at helping small businesses navigate the ever-evolving cyber landscape, coordinated with the Department of Homeland Security (DHS), the National Institute of Standards and Technology (NIST), and the Small Business Administration (SBA). More information about the program and upcoming events is available at the FTC’s website.
Earlier this year, FTC staff published a report detailing the resources available to help small organizations. FTC staff also held several workshops and a result of feedback, the agency developed a series of modules that cover the following topics: Cybersecurity Basics, Understanding the NIST Cybersecurity Framework, Physical Security, Ransomware, Phishing, Business Email Imposters, Tech Support Scams, Vendor Security, Cyber Insurance, Email Authentication, Hiring a Web Host, and Secure Remote Access.
Implementing security mechanisms that are tailored to an organization’s size and risk exposure can be complex. However, the FTC modules and report provide a useful starting point for smaller businesses looking for practical guidance on handling a range of cybersecurity and data protection matters.