CHAPTER 11

Cybersecurity Essentials for Small Business

There are about 25 million business entities in the United States. The vast majority are small businesses; small enterprises without specialized knowledge about network administration and security. Small enterprises, such as nonprofits and home businesses, are especially vulnerable to cyber threats, in many cases, because they use equipment and software right out-of-the-box, which means the machines are in insecure unpatched states with default passwords intact. Agencies (such as the United States Secret Service) charged with protecting small businesses are struggling to cope with escalating cyber threats.

Because these businesses are small, they probably do not have cybersecurity experts on staff. But by adopting essential cybersecurity practices, small businesses can reduce vulnerabilities dramatically.

Why are systems and networks vulnerable to cyber attack? Small businesses are on the Internet and exposed to numerous threats. A typical unprotected system will only survive four minutes browsing the Internet before it is attacked. Weaknesses in systems, software, and end user's lack of cyber awareness can make businesses very vulnerable to attack.

In this chapter I offer some essential advice for small businesses, drawing from the most feasible and effective professional best practices for organizations of all sizes. I assume the use of Windows systems to keep the rhetoric simple, but Apple Macs have similar vulnerabilities. ...