Kamala Harris, Attorney General, California has posted some pretty good cybersecurity advice for small and medium sized businesses (SMB’s) in that state.
California has 3.5 million small businesses which represents 99% of all employers. The report states 98% of their SMB’s use wireless technology of some sort, 85% use smartphones, 67% using websites, 41% on Facebook, and 36% using LinkedIn. I would speculate that other states, while not as large, probably have similar percentages of types of technology use.
The document covers threats such as social engineering scams, network attacks, physical attacks, and mobile attacks as threats to SMB’s in that state. Overviews of data protection and encryption, access control, incident response, and authentication mechanisms are also provided.
The core tenets espoused by the document are:
- Assume you’re a target
- Lead by example
- Map your data
- Encrypt your data
- Bank securely
- Defend yourself
- Educate employees
- Be password wise
- Operate securely
- Plan for the worst
This document does a great job of providing an overview of cybersecurity issues and initial effort prioritization for SMB’s. It would be great to see other States follow their lead.