Barely a day goes by that news headlines aren’t reporting the breach of an organization’s network or the loss of a laptop. To make matters worse, the tools that nefarious actors—including individual hackers and organized criminals—use to steal company, employee, and customer data, money, or intellectual property from businesses are increasing in scope and sophistication. Some businesses are good at updating their approaches to fit a changing security landscape, but criminals are good at adapting as well. For businesses trying to avoid becoming victims, an obvious question arises about what kinds of threats are most commonly faced.
- Hacking and Malware
- Lost or Stolen Storage
- Insider Threat and Human Error
- Accidents and Natural Disasters
What are the solutions?
Every desktop computer, laptop, or handheld digital device can be vulnerable to an attack. The consequences of such an attack can range from a simple inconvenience to financial catastrophe. The U.S. Chamber suggests that owners, managers, and employees take a number of actions described in this guide to improve the cybersecurity of their companies. Of the many points that a guide could cover, we’ve selected about a dozen that many experts tend to emphasize. These tips have been packaged under four broad categories: setting up a secure system, protecting business data, training your workforce, and being prepared to respond to an incident.
Internet Security at Work Toolkit:
Security Intelligence and Compliance:
Data Security Resources:
Reputable Security Sites
STOP. THINK. CONNECT.—online safety and security education and awareness campaign
National Cyber Security Alliance—tools and resources for business and home users
Federal Communication Commission (FCC) and partners’ Small Biz Cyber Planner—an online resource to help small businesses create customized cybersecurity plans
Multi-State Information Sharing and Analysis Center (MS-ISAC)—cybersecurity guides, toolkits, and newsletters
- ftc.gov/infosecurity; business.ftc.gov
Federal Trade Commission’s (FTC) Protecting Personal Information: A Guide for Business; Bureau of Consumer Protection Business Center
- csrc.nist.gov; csrc.nist.gov/groups/SMA/sbc
National Institute of Standards of Technology (NIST), Computer Security Division, Computer Security Resource Division; NIST Small Business Corner
Department of Homeland Security (DHS) Cybersecurity Awareness Month and related resources
United States Computer Emergency Readiness Team (US-CERT) cybersecurity tips
Department of Justice (DOJ) Computer Crime and Intellectual Property Security Section—links to report Internet-related and intellectual property crime
Secret Service Electronic Crimes Task Force (ECTF)—links to more than 20 state and local ECTFs
The White House, Cyberspace Policy Review: Assuring a Resilient and Trusted Information and Communications Infrastructure
The materials on this website have been developed for educational purposes only. We urge you to consult with an attorney or benefit consultant to understand your legal obligations under the law. Please contact an attorney or benefit consultant to verify how the law will affect your specific company, benefit offering, and scenario.