FCC Offers Small Business Cybersecurity Framework
The FCC advocated better cybersecurity measures among small American businesses, half of which lack a defined cyberplan, FCC Chairman Julius Genachowski said Monday during an industry panel at the FCC’s headquarters. “It’s vital that small businesses be part of the cybersecurity equation,” the chairman said after issuing a 10-step cybersecurity tip sheet for small companies. The panel occurred on the same day that the White House launched its international strategy for cyberspace (see separate article).
Sign up for a free preview to unlock the rest of this article
Communications Daily is required reading for senior executives at top telecom corporations, law firms, lobbying organizations, associations and government agencies (including the FCC). Join them today!
Despite recent publicity of large scale cyberattacks on major corporations like Sony and Epsilon, Genachowski emphasized the need for small businesses to do more to fortify their own assets. “Not having a cybersecurity plan is a competitive disadvantage,” said Genachowski. “Small businesses that don’t take protective measures are particularly vulnerable targets for cybercriminals.”
Cybersecurity education was a major theme of the event. Even if companies implement better security standards into their infrastructure, the “people piece” of the cybersecurity equation remains paramount, panelists said. “The bottom line is making sure that your folks can understand what they should and shouldn’t do,” said Ann Beauchesne, the Chamber of Commerce’s vice president-national security & emergency preparedness. “It’s a culture change, it’s going to take a long time much like wearing seat belts and not smoking, it’s getting people to not click on that link when they get it,” Beauchesne said.
The FCC cybersecurity tip sheet also advocated cybersecurity software, firewalls, Wi-Fi security and password changing, among other precautions for small businesses. Links to cybersecurity information are on the FCC’s new small business Web page at www.fcc.gov/cyberforsmallbiz.
The administration’s cybersecurity plan is “a good start,” former Homeland Security secretary Michael Chertoff told us after the panel. Chertoff agreed with the White House’s decision to give the Department of Homeland Security the lead on the nation’s cybersecurity response and emphasized that a successful response will incorporate strong DHS and Defense Department interaction. “The key is to make sure we bring all the tools in the toolbox to the problem. Sometimes [attacks] will be more in the military domain, sometimes it will be more in the civilian domain, but as long as you have a close partnership you can work that seamlessly."
Small businesses need to be realistic about their cybersecurity approach, said Chertoff, now chairman of the Chertoff Group. “There is never going to be a program that completely eliminates cyber risk,” he said. “We are talking about managing cyberrisk, not eliminating cyberrisk.”
Mobile cybersecurity is equally important for small business owners, said Phyllis Schneck, Chief Technology Officer at McAfee. “We're facing a huge increase of malware directed to mobile in this country,” she said. Schneck recommended that small businesses take “adaptable” precautions like installing mobile security software and implementing routine password changes in order to protect their business. “Smart phones are an extension of every bit of information we use” she said. “The issue is how do you secure [these devices] to work in an office environment,” said Schneck.