Monday, June 20

U.S. Chamber of Commerce - Cyber Tips

Jun 20, 2016 - 12:00pm
Don't Surrender to Hackers - and Other Cyber Tips for Main Street
Ann M. Beauchesne
Senior Vice President, National Security & Emergency Preparedness Department
Main Street
You've probably heard me say more than once that there are two types of businesses - those that have been hacked and know it, and those that have been hacked and don't know it. Speaking to small business owners at America's Small Business Summit, Deputy Secretary of Homeland Security Alejandro Mayorkas implored attendees not to surrender to hackers.

Hackers, criminals, and our cyber enemies are clearly winning. Cyberattacks against governments and businesses are growing in number, frequency, and sophistication. And so is the cost to victims. According to a 2015 report on cybercrime by the Ponemon Institute and Hewlett Packard, the average cost of a cyberattack to an organization is $15 million. This report monetizes the consequences of an attack including business disruption, information loss, revenue loss, and equipment damage.

The good news for America's small businesses is that they have a partner that can help them prepare for and respond to cyberattacks against their networks. The Department of Homeland Security (DHS) has been working with the U.S. Chamber of Commerce on a host of issues including cybersecurity.

During his remarks, Mayorkas suggested three best practices for small businesses:
  • Passwords. Require your employees to change them frequently, every 45-60 days. Make them complicated, meaning 8-15 characters long, using a mix of upper and lower case letters, symbols, and numbers.
  • Cyber Hygiene. It sounds vague, because there isn't a precise definition for "what's good cyber hygiene." A couple of tips. Don't allow personal phones to be connected to networked computers. Don't allow your employees to use USB drives. Limit the number of administrators who have full access to everything. Install patches and software updates when they are available.
  • Test Systems and Train Employees. Resource and budget conscious organizations won't be able to afford third-party auditors to perform penetration testing, but you can exercise your response plans. As an example, send an anonymous email with an attachment to your employees and see if they open it. If they do, do they report it to IT? Phishing and spear phishing emails remain the easiest way for the bad guys to get into your network.

DHS is uniquely positioned in the government to help small businesses. More information on the departments resources and capabilities, and even a small business toolkit, is available on its website.

The U.S. Chamber is doing its part as well. Its cybersecurity awareness campaign aims to advance cybersecurity policies and educate small and medium-sized businesses about cyber threats and how to protect their organization against them.

This fall, working with Ridge Global, the Chamber will launch a new online cyber education effort aimed at preparing and defending American small businesses from cyberattacks. You can learn more here.

The bad guys have nothing but time and resources, and a determined bad actor can and will always find a way in. By working together, we can improve our defenses and make it harder for hackers.

In closing, Mayorkas asked small business owners to share information on cyber threats. There's nothing more important than having a conversation with the FBI, the Secret Service, or DHS. It may sound overly simplistic, but if you see something, say something.


Reminder of the Charleston, S.C. Church Shooting

Posted from WHSV 3 News

This week, one year ago, a shooter gunned down nine people inside a Charleston, S.C. church.

Nine families will never look the same, but neither will churches.

Many of them are forced to face current events and upgrade their security.

The shooting set itself apart from other shootings because it happened in a church which is a place of worship, and a safe haven to many.

To some local pastors, it showed them that such a tragedy can happen anywhere, including right here in the Valley.

Harrisonburg Free Will Baptist Church is in the beginning stages of getting a plan to keep their church safe.

Just this past weekend they went to a seminar to learn more.

"We are going to the very best we can to lead people in the right direction toward the Lord, and do everything we can to keep them safe," said Paul Collins, the Pastor at Harrisonburg Free Will Baptist Church.

Collins said he wants to make sure his congregation is safe, but he also adds he wants to greet troubled individuals with the Lord, not with force.