The Federal Trade Commission (FTC) recently announced that it will launch a national education campaign to aid the small business sector in strengthening its cybersecurity and protecting its sensitive and personal data.
The national education campaign builds on the FTC’s 2017 Small Business Initiative which included the creation of a new website: FTC.gov/SmallBusiness aimed at helping small businesses protect their networks and data and avoid scams, and the Small Business and Cybersecurity Roundtables that included five roundtable discussions with small businesses to learn from the challenges they face dealing with cyber threats and cybersecurity and hear ideas on how the government can help them. The FTC developed the national cybersecurity education campaign based on lessons learned from the roundtables.
In the FTC’s announcement of the national education campaign, Tom Pahl, Acting Director of the FTC’s Bureau of Consumer Protection highlighted that, “Small businesses understand the importance of cybersecurity and the need to protect their networks and data, but many feel overwhelmed about how to address the myriad of cyber threats they face… Our new campaign aims to help these small businesses with targeted, plain-language advice on everything from protecting against phishing scams to tips on what to look for when choosing a cybersecurity vendor.”
An FTC staff report released together with the announcement, Engage, Connect, Protect: The FTC’s Projects and Plans to Foster Small Business Cybersecurity – The Federal Trade Commission Staff Perspective includes an outline for the reader friendly materials the national education campaign will provide for small businesses looking to better protect themselves from cyber incidents, including:
- Creating a suite of training materials for small businesses and their employees – 10 – 12 modules that will each include a cybersecurity challenge and advice for dealing with it accompanied by short videos, presentations, and other materials. These materials will be appropriate for small business owners and managers to share with employees.
- Developing consistent messages from the federal government – this includes working together with the government’s Cybersecurity Forum, the National Cybersecurity Alliance’s (NCSA) federal partners working group, and other working groups FTC staff belong to, to create consistent messages regarding cybersecurity across other key federal agencies that interact regularly with small businesses.
- Partner with the private sector – The FTC will continue to work together with private sector partners including the NCSA, the Better Business Bureau, and the U.S. Chamber of Commerce to ensure small businesses across all industries are aware of and have access to campaign materials. Materials will also be available online.
Although the media’s attention of late has been on large companies suffering data breaches, it is important to remember that, according to a recent study, half of all cyberattacks target small and mid-sized businesses. Small businesses are particularly at risk for identity theft and need to act promptly and aggressively to minimize their legal and monetary exposure.
For more information on small businesses and cybersecurity, below are several of our helpful materials:
- The Dark Web and Its Impact on Small Business
- Data Breach Preparedness: A critical risk management priority for small and mid-sized businesses
- California AG Announces More Active Role in Dealing with Data Breaches, and Helpful Guide for Small Business