Kamala Harris, Attorney General, California Department of Justice
Kamala Harris, Attorney General, California has posted some pretty good cybersecurity advice for small and medium sized businesses (SMB’s) in that state.
California has 3.5 million small businesses which represents 99% of all employers. The report states 98% of their SMB’s use wireless technology of some sort, 85% use smartphones, 67% using websites, 41% on Facebook, and 36% using LinkedIn. I would speculate that other states, while not as large, probably have similar percentages of types of technology use.
The document covers threats such as social engineering scams, network attacks, physical attacks, and mobile attacks as threats to SMB’s in that state. Overviews of data protection and encryption, access control, incident response, and authentication mechanisms are also provided.
The core tenets espoused by the document are:
- Assume you’re a target
- Lead by example
- Map your data
- Encrypt your data
- Bank securely
- Defend yourself
- Educate employees
- Be password wise
- Operate securely
- Plan for the worst
This document does a great job of providing an overview of cybersecurity issues and initial effort prioritization for SMB’s. It would be great to see other States follow their lead.
Some select slides from Mary Meeker/KPCB presentation at All Things Digital Conference:
China’s smartphone subscriber growth over 50% faster than US
Reaching for the phone 150 times a day …
Internet user growth – emerging markets dwarf others
A zettabyte?? (it’s the new terabyte — 1 zettabyte = 1 billion terabytes.) yowza.
Currently over 100 hours per minute of video being uploaded to YouTube alone
Some surprising data on online social sharing
Per a recent Wall Street Journal article, competing small to medium businesses with questionable ethics can have an effect on your business via online posts. A 2011 survey shows that of consumers surveyed:
- 80% changed purchasing decisions based on negative online reviews
- 87% did the same based on positive reviews
- 69% did online research before buying
- 64% read consumer/user reviews
- 42% read articles and blogs
WSJ suggests the following:
- Be alert for rival activity — negative messages are often the same or similar across multiple sites
- Take your suspicions to site administrators
- Once posts are gone, follow-up on forums to remove any lingering suspicions (old posts can still show up on Google searches)
- If any attacks were effective, supply a Q&A on your web site or social media page
- When countering claims, keep cool — keep your tone helpful & neutral
- Develop a presence in relevant online forums early, before an attack happens — this will give you credibility when you have to respond to attacks