Communications Litigation Today was a Warren News publication.
‘Low Hanging Fruit’

FCC, DHS Extend Cybersecurity Assistance to Small Businesses

FCC Chairman Julius Genachowski proposed a new plan to support small business cybersecurity efforts, during a speech at the U.S. Chamber of Commerce Monday. The Small Business Cyber Planner is a free online tool to help U.S. small businesses increase their cybersecurity awareness and protections, and will be available on the FCC website in “a few weeks,” Genachowski said. The Department of Homeland Security endorsed the plan and encouraged small business owners to implement strong cybersecurity policies.

"Security is a significant threat to the online opportunity for small businesses,” Genachowski said. “With larger companies increasing their protections, small businesses are now the low hanging fruit for cyber criminals.” There are basic steps that small business owners can take to increase their cybersecurity, such as encrypting data on computers, making sure Wi-Fi routers are secure, and training employees on basic protections, Genachowski said. He said “failure to take cybersecurity seriously could potentially negate the opportunities provided by going online.”

Genachowski separately emphasized the importance of the commission’s vote scheduled for Thursday on a plan to modernize the Universal Service Fund. “If adopted, our plan will help bring broadband to millions of people in unserved parts of rural America and put us on the path to universal broadband by the end of the decade,” he said. “There isn’t a small business in the U.S. that isn’t already on or looking to get on broadband because the benefits are there.” Sen. Mark Warner, D-Va., last week voiced objections to USF reform proposals before the FCC, and specifically criticized the plan’s lack of “competitive neutrality” (CD Oct 24 p1).

It is “critically important” for small and medium-sized businesses to address their cybersecurity profiles, said Greg Schaffer, deputy DHS undersecretary for cybersecurity. “The potential for intellectual property to be siphoned off if cybersecurity is not addressed in a real way is enormous,” he said. “And many small businesses may not be in a position to weather the storm after a cyber intrusion happens.”

Small businesses must make an effort to learn about federal cybersecurity resources such as the U.S. Computer Emergency Readiness Team’s (US-CERT) technical cybersecurity alerts, guidance and reports, Schaffer said. He also discussed the resources DHS has dedicated to collect information on relevant cybersecurity risks and make it broadly available to the private sector via the DHS website. Ultimately it’s up to small businesses to implement effective and consistent cybersecurity tools to protect their assets, Schaffer said: “There is considerable effort needed in order to build the plans that small businesses need to implement polices and ensure they are enforced and maintained."

The FCC small business cybersecurity tool is not a perfect plan, but it will “reduce risk by a significant degree,” said Michael Chertoff, a former DHS secretary and current managing principal of the Chertoff Group. “The idea is to demystify the process,” he said. “It’s about making these issues understandable and accessible … to protect against the most serious and widespread threats,” he said. “In this day and age, to not consider cybersecurity is a little like leaving your money around on a table and thinking that it’s not a problem.”