SALT LAKE CITY — Digital security breaches that impact megacompanies like Equifax, Sony or Yahoo tend to dominate headlines when they occur, but it's far more common for small businesses to fall victim to cybercriminals and, when they do, the results are typically far more catastrophic.
That's why local organizations like the Salt Lake Chamber and Utah Department of Public Safety are joining the FBI, U.S. Department of Homeland Security and others staging numerous events throughout the coming weeks in support of October as Cybersecurity Awareness Month.
Research reported by Microsoft estimates business losses due to cybercrime have topped $3 trillion and could hit $6 trillion by 2021. Most of those targets, over 60 percent, are businesses with fewer than 1,000 employees, according to a 2016 analysis conducted by Verizon. And nearly 60 percent of small businesses that are victimized by a cybercrime never recover from the incident, a statistic that helped motivate the Salt Lake Chamber to launch its own Cybersecurity Leadership Council in August. This month, the council will be hosting workshops throughout the state to help offer guidance to Utah businesses, most of which are too small to employ their own cybersecurity personnel to protect company data and email systems.
"We're finding that a lot of the business community is unaware of how to best address cybersecurity issues," said Sarah Clark, the chamber's public policy coordinator. "We're approaching these roundtable events from a fundamental standpoint, offering tips and tools and best practices that everyone should be employing."
Utah Department of Public Safety Sgt. Jeff Plank, who is also a member of the FBI Cyber Task Force, highlighted in a recent interview with local cybersecurity website Cyber24, that some of the simplest actions can have the biggest impact on preventing cybercrime.
"A majority of computer intrusions are due to really poor passwords," Plank said. "Many people don't use complex password or two-step verification. If people did a better job of managing their passwords, using passwords with numbers, letters and special characters, it can go a long way in stopping cybercrime."
Plank said the department will be involved in a number of outreach/education activities this month. They include an open house with the FBI and U.S. Secret Service on Oct. 19 at L3 communications focused on business email compromise as well as presenting during the upcoming SaintCon cybersecurity conference in Provo Tuesday through Saturday.
Clark said interested parties can find out more about the chamber's upcoming cybersecurity business roundtables by visiting the organization's cybersecurity page slchamber.com/cyber. Visitors will also find an online cybersecurity tool kit with helpful information on simple strategies to help prevent becoming a victim of cybercriminals. More in-depth information is offered by the U.S. Department of Homeland Security through its small business cybersecurity resource page.
Some simple steps to help stay cybersecure:
• Always change a device's initial default password and regularly update passwords on all devices. Use strong passwords with a mix of letters, numbers and special characters.
• Stay current with program and application updates and patches. They frequently contain fixes to identified security glitches.
• Never open an email from an unknown source and never click on a link or open an attachment in an email from an unfamiliar source.
• Avoid use of public Wi-Fi systems.