Promoting Greater Information Sharing for Stronger Cybersecurity
WASHINGTON – Today, the House Committee on Small Business held a hearing to examine how federal agencies can encourage greater information sharing with small businesses and provide timely assistance and resources when a cyber attack on a small business occurs.
“This Committee has heard from experts, government officials, and small business owners on numerous occasions that cyber threats remain a top concern for America’s small business community. Information sharing is a fundamental component for a strong and effective cybersecurity defense, not just for small businesses but for America’s network as a whole. The federal government must make every effort possible to ensure that small businesses have both the resources and the confidence they need to actively engage with the federal agencies tasked with protecting our critical infrastructure,” said Chairman Chabot (R-OH).
Cyber Threats Remain a Top Concern for Small Businesses
While the federal government has made a serious effort to coordinate and distribute cyber security resources directly to small businesses, challenges still remain in ensuring that they are protected from cyber attacks.
“Small businesses are extremely resourceful. Having quality incident reporting and cyber intelligence flowing to the small business community lets us build solutions for ourselves. Our biggest challenge, in that regard, is collecting and aggregating data from a wide array of sources,” said Rob Arnold, CEO & Founder of Threat Sketch, LLC in Winston-Salem, NC.
“Recent ransomware attacks have been devastating with 1 in 5 companies forced to immediately shut down operations for three days and in some cases, more than two weeks, said Ola Sage, Founder and CEO of e-Management and Co-Founder and CEO of CyberRx in Silver Spring, MD. ”Solving this problem requires greater information sharing between the government and the SMB community to help companies better identify threats, protect their infrastructure, detect anomalies, respond to, and recover from significant cyber events.”
“In 2014, 71 percent of companies admitted they fell victim to a successful cyber-attack. Meanwhile, the amount of data online is expected to increase 50-fold by 2020, signaling accelerated tech innovation but also adding new attack vectors due to increased connectivity and a sweetening of the pot for potential cyber criminals. Cybersecurity risk management strategies must keep pace with this growing threat – a task that evolves as more online traffic and commerce is dedicated to the internet of things,” said Morgan Reed, President of ACT | The App Association in Washington, DC.
“We have to acknowledge the fact that for most small businesses, cybersecurity is an expense they don’t want to incur when they’re trying to simply make payroll and remain profitable,” said Thomas Gann, Chief Public Policy Officer of McAfee, LLC in Reston, VA. “This doesn’t mean that small businesses don’t need or can’t benefit from cyber threat intelligence; they certainly can. But perhaps we should focus our discussion more on sharing a different kind of information – information that is more informative and educational right away.”