At least here in the United States, and possibly even worldwide as well, there is no doubt that it is the Small to Medium sized Businesses (SMBs) that are the main engine behind any sort of economic growth. 

For example, they tend to be amongst the first places where people get hired, and in fact even stay they for a long time.  In my case, the last few positions that I have held have been with the SMBs, which have even been family owned.  It is the SMBs that are the crux of innovation and bringing out new developments to the technological world.

In fact, once these SMBs have proved their worth from both a financial and product/service offering standpoint, they often become the target of a takeover from a larger company.  This is the trend that is now occurring in the Cybersecurity industry.  Rather than for a larger company to come out with something new, the easier thing is to gobble up an SMB and basically buy out their Intellectual Property (IP).

Also, consider some of these key statistics:

*SMBs account for 99% business activity on a global scale;

*SMBs account for, on average, 70% of all jobs that are created;

*SMBs generate than 50% of economic value, on a global basis.

But believe it or not, is these SMBs that are also the target for the Cyberattacker.  We never seem to think about this, because all that gets reported in the news headlines are the hacks that are happening to the much larger businesses and corporations.  But the Mom and Pop organizations are also suffering as well, probably even to a greater scale.  In fact, up to 60% of the SMBs are now becoming victims of Cyberattacks.

One of the primary reasons why the SMBs are a prime target is that the Cyberattacker knows that they are very often on a shoe string budget, and thus, cannot afford to implement a sophisticated line of defense like a Fortune 500 company can.  Thus, there will be many backdoors and other unknown security weaknesses and vulnerabilities that the Cyberattacker can penetrate through.

At long last, Corporate America is now at long last waking up to this and is recognizing the fact that the SMBs do need a huge, helping hand when it comes to protecting them from Cybersecurity attacks. It is in this effort that the Global Cyber Alliance (also known as the “GCA”) and Mastercard have come up with a brand new “Cybersecurity Toolkit” that is designed to help the SMBs.

The best news of all is that this a free resource, and it consists of the following items:

*Operational Tools:

This allows for the owner of the SMBs take into account and inventory all of the assets that related to their IT Infrastructure.  Advice and other toolsets are also available in order for employees create more complex and stronger passwords via the usage of a Password Manager, and to also make use of Multi Factor Authentication Tools (such as that of 2FA).  There are also resources available to the SMB owner in the way of learning how to create and perform backups mission critical information and data. 

*How to Materials:

These are essentially templates that the SMB owner can use when it comes to create Security Policies, as well as other types and kinds of educational media that can be used to teach employees on how to maintain the proper levels of “Cyber Hygiene”.

*A Listing of the Recognized Best Practices:

The SMB owner can adopt these to fit the requirements for their own business or corporation. These lists have been provided by some of the world’s leading Cybersecurity Institutions, which include those of the Center for Internet Security Controls, the National Cyber Security Centre based in the United Kingdom, and the Australian Cyber Security Centre.

There have been other initiatives that have been launched that are similar to this, but the key difference in this one versus the rest is that the SMB owner can take an immediate proactive stance on Cybersecurity once they have started to make use of the toolkit.

Also, this is effort is much more global in nature than the other initiatives.  For instance, there are other organizations that have contributed to this as well, which include the following:

*The Center for Internet Security;

*The Cyber Readiness Institute;

*The City of London and the City of New York.

Also, another differentiating factor in this initiative is that it will be updated and refined on a regular basis with direct input from the Cybersecurity Industry.  Because of this, the SMB owner will have the most modern toolkit that will be available.

In fact, the other Cybersecurity initiative that is being developed in parallel with this one (and in fact, are partners in this regard) is the Cyber NYC.  This is a $100 million public-private investment that has been launched in order to create a vibrant Cybersecurity ecosystem, primarily in the New York City area.  Their effort was called the “Cybersecurity Moonshot Challenge”, which was launched back in November 2018.

Finally, this brand-new toolkit will also be updated in real time in an effort to help the SMBs combat the ever changing and dynamic Cybersecurity Threat Landscape. It can be viewed at and downloaded from this link:

https://gcatoolkit.org/smallbusiness/

My thoughts on this?

I think it is about time that help is being given to the SMBs as it relates to Cybersecurity.  My Cybersecurity Communications company can also be viewed as an SMB, and we are all on a shoestring budget in order to keep our businesses afloat and running smoothly.  We simply do not have the finances or the budget to set up an elaborate line of defense.  So, anything that is free (but of course that is authentic and genuine) to use in this aspect will be met with great reception.

My only point of concern here is that as these initiatives are launched and become available online, it is quite possible that the Cyberattacker could set up a spoofed website, luring unsuspecting SMBs in.  Therefore, it is very important to checkout the validity of these free, online Cybersecurity resources in order to make sure that you are not falling into some sort of trap.  One thing that I would I also to see added to this toolkit is the availability to get some sort of free consulting from a Cybersecurity company.  Remember, it could be daunting at first for the SMB to start using these free tools that are provided.  Therefore, advice from an expert Cybersecurity consultant is crucial from the very beginning, in order to ensure that the SMB owner is started on the right track.

It will take a great effort for an SMB to start to beef up their Cyber lines of defenses once they start using these free tools.  Then the next Herculean task to be accomplished then is to keep all of this maintained, and to maintain a constant vigilance.

But hey, in the taking baby steps towards Cybersecurity is better than none at all.