Back in March, the FTC’s acting chairman spoke at NASDAQ at an event hosted by the National Cyber Security Alliance. What she had to share was alarming. Small and mid-size businesses are becoming more susceptive to data breach incidents. Maureen Ohlhausen said, “we are seeing a huge amount of data breaches that target small businesses, but they don’t have the resources to withstand the impact.”
In fact, a study by Symantec reports that nearly half of the cyber attacks (worldwide) in 2015 targeted businesses with fewer than 250 employees. That same year the FTC launched the Start with Security initiative, outlining best practices and tips. Their first lesson, part of their video series for small business owners, is: Don’t collect more information than you need, and only hold onto it as long as you have a business need for it.
But how businesses keep that information safe while they hold onto it is the focal point of cyber attacks aimed at small and medium businesses. Having both a security and a response plan is critical for every business of any size.