A new free cyber security program put together with big business and Obama-era experts is focusing on small businesses. Small Business Trends got in touch with Kiersten Todt, Managing Director of the Cyber Readiness Institute, to find out how the Institute plans to tighten up what’s generally seen as a lacking of preparation for cyber attacks among small businesses.
She began the conversation with some important background.
“Every day news reports share stories about cyber attacks or major breaches across the globe,” wrote Todt, the Former Executive Director of the Presidential Commission on Enhancing National Cybersecurity under President Barack Obama. However, as we saw with the 2013 Target Corp. incident that started with an HVAC contractor, more often these news headliner attacks are exploiting the weakest links in the supply chain to gain access to major corporations—small and medium-sized businesses (SMBs). “
Consequences More Severe
Todt explained how smaller businesses are attacked more often and the consequences are more severe than with bigger organizations. Even though organizations like the National Cyber Security Alliance point to the fact that 70% of these attacks are focused on small business, Todt says smaller businesses don’t always have knowledge, tools or resources to combat these attacks effectively.
“The need for a program like this has been growing exponentially in recent years,” she adds. “Because of the interdependent nature of global business today, businesses of all sizes remain at a significant risk if even one of their partners becomes vulnerable to an attack.”
Hackers are always looking for the easiest route to bigger organizations. Unfortunately, that often easiest route goes through smaller businesses possessing associations and connections with larger counterparts.
Co-Chairs of the institute include retired President and CEO of IBM Samuel Palmisano, President and CEO of Mastercard Ajay Banga, CEO of Microsoft Satya Nadella, and Penny Pritzker, former U.S. Secretary of Commerce.
The pilot program started in July 2018. The program itself is looking to address major issues including adopting a cyber readiness program driven by small businesses and helping to develop employee programs to raise skills and awareness. The program was put together with input from leading cyber experts and organizations of all different sizes.
“The focus of the program is to embed basic cyber policies and processes into every organization regardless of size, technical expertise, or sector,” Todt writes.
“The program provides resources and support to foster learning within an organization so that they can advance their cyber capabilities without having to hire or bring in new skill set,” she adds.
The Cyber Readiness Institute is especially appealing to smaller businesses because it provides support and resources without the need for learning new skill sets or hiring more technical professionals. There’s a template involved that can be customized for each business so there’s a streamlined response to any kind of attack.
Todt outlines the Institute’s plans:
“In 2019, the Cyber Readiness Institute will be focused on distributing the Program to as many SMBs across the globe and across industry as possible — as well as measuring the impact of the Program on the cyber readiness of SMBs. The goal is to evaluate whether the Program is having an impact on the cybersecurity of SMBs, and ultimately, of global value chains.”