When it came to designing the FTC’s Cybersecurity for Small Business campaign, you called the shots. We hosted round tables across the country and listened to what business owners had to say. You told us you wanted: 1) No-nonsense advice that’s easy to implement; and 2) Consistent guidance from the different federal agencies that deal with cyber threats and data security.
Our every-Friday Business Blog series has covered fundamentals like physical security and cybersecurity basics, as well as tech-centric topics like email authentication and NIST’s Cybersecurity Framework. But it’s time for us to turn things back to you. We asked small businesses how they have incorporated the campaign in their offices and here are four ways you’ve told us you’re using the new materials.
1. Incorporate resources into in-house training
Whether it’s a sales person who connects to your network remotely or someone in the warehouse who processes shipments, every employee is a link in your cybersecurity chain. That’s why savvy businesses build cybersecurity into new employee training and hold periodic refreshers and updates for experienced staff. There’s no need to create a curriculum from scratch. You’ve told us many of the Cybersecurity for Small Business modules coordinate with the topics you cover. We also have fact sheets, videos and quizzes to help keep your staff engaged – and we’re adding to the inventory.
2. Share them with your social networks
We’re glad that business owners are sharing cybersecurity resources on their company and personal social networks. In addition, every blog post in this series has buttons at the top so you can share them on popular platforms. You’ll never be at a loss for relevant content. (Soon you’ll be able to share the website and fact sheets in Spanish, too.)
3. Spread the cybersecurity word within your industry
“May I publish one of your fact sheets in the newsletter of our downtown business group?” “Is it OK if I hand out your brochure at an industry event?” When requests like that come in, we have two responses: 1) Yes; and 2) Thank you. FTC materials are in the public domain, which means you’re free to republish, link, cite, quote, etc., with no clearance required. We’re grateful for what you’re doing to let other businesses know about the importance of cybersecurity. (By the way, did you know you can order multiple copies of our 28-page Cybersecurity for Small Business brochure and related titles at no charge from bulkorder.ftc.gov?)
4. Multiply the impact in your community
Cybersecurity isn’t an issue just for businesses. Keeping client, volunteer, and donor data secure is an important consideration for the nonprofit sector, too. We’ve heard from business owners who have used the materials to introduce safer data practices to local service organizations, places of worship, charities, and other groups where they volunteer their time.
Those are just some of the ways companies are using Cybersecurity for Small Business. How are you using the resources? What can we do to help your company’s cybersecurity efforts? Post a comment and let us know.
The purpose of this blog and its comments section is to inform readers about Federal Trade Commission activity, and share information to help them avoid, report, and recover from fraud, scams, and bad business practices. Your thoughts, ideas, and concerns are welcome, and we encourage comments. But keep in mind, this is a moderated blog. We review all comments before they are posted, and we won’t post comments that don’t comply with our commenting policy. We expect commenters to treat each other and the blog writers with respect.
- We won’t post off-topic comments, repeated identical comments, or comments that include sales pitches or promotions.
- We won’t post comments that include vulgar messages, personal attacks by name, or offensive terms that target specific people or groups.
- We won’t post threats, defamatory statements, or suggestions or encouragement of illegal activity.
- We won’t post comments that include personal information, like Social Security numbers, account numbers, home addresses, and email addresses. To file a detailed report about a scam, go to ReportFraud.ftc.gov.
We don't edit comments to remove objectionable content, so please ensure that your comment contains none of the above. The comments posted on this blog become part of the public domain. To protect your privacy and the privacy of other people, please do not include personal information. Opinions in comments that appear in this blog belong to the individuals who expressed them. They do not belong to or represent views of the Federal Trade Commission.
In reply to This great information. What by Jim
The FTC's Cybersecurity for Small Business information connects you to the NIST Cybersecurity Framework. NIST, the National Institute of Standards and Technology at the U.S. Department of Commerce, has a publication titled Small Business Information Security: The Fundamentals that may be helpful.