Small Biz at Risk for Cyber Attacks
Six months in, the main takeaway from the Rapid Response Center’s early operations is this: Among small and medium-sized organizations, cybersecurity hygiene is sorely lacking.
The RRC, the National Cybersecurity Center’s emergency service for organizations that suffer a cybersecurity breach or attack, has successfully handled 10 incidents since January from law firms, nonprofits and small businesses, CEO Ed Rios said.
Rios said about 75 percent of all cybersecurity penetrations are caused by human error — typically clicking on a malicious link or using a weak password.
The RRC researches the breach and offers additional services like forensics to determine the cause, help getting back in operation and training to avoid future breaches.
“We provide, on a more-than-monthly basis, training on cybersecurity for employees as well as board directors and C-suite executives, and for-profit, nonprofit — whoever needs it. And that has helped immensely,” he said.
But it is “critically important” for organizations to train their people before disaster strikes, Rios said.