Over the 2014 fiscal year, the United States Department of Defense invested $55.5 billion to small business prime contractors across 51,000 locations.
Despite this investment, small businesses remain largely at risk to increasingly sophisticated and damaging cyber attacks. Even small businesses tasked at supporting federal operations remain at risk to attacks. Lacking robust cybersecurity systems and other resources their larger counterparts have, small businesses remain under-equipped when it comes to protecting their business.
The sector continues to be vulnerable to both intentional and unintentional cyber threats. The GAO cites unintentional threats as anything from faulty networks to careless workers. Conversely, intentional threats include targeted and untargeted attacks from various sources.
A recent Government Accountability Office (GAO) audit revealed the extent at which small business remains susceptible to cyber attacks. While nothing has been confirmed the GAO, “recommends that DOD identify and disseminate cybersecurity resources to defense small businesses. DOD concurred with the recommendation and agreed to implement training events and education programs.” While the DOD’s Office of Small Business Programs (OSBP) is not required to provide such support to the small business sector, it is under consideration in light of the GAO’s findings.
One major finding from the GAO article was the sector’s unawareness of security resources that already are available. To counter this trend, the audit recommends the DOD disseminate these current resources to small businesses working in defense. So far, nothing is set in stone, but the DOD has agreed to launch training and education programs to educate defense small businesses with the adequate knowledge.
Though it is troubling to hear how small businesses as a whole are still behind on cybersecurity measures, there is hope that the trend will begin to change. Seeing as how small business accounts for 99.7 percent of jobs in the United States, every measure must be taken to ensure their safety from intentional and unintentional attacks. The current small business security infrastructure requires an upgrade to provide safety for customers and internal operations. With the DOD and GAO’s involvement, hopefully, we soon won’t need these sorts of audits to spark a change within the sector.
from Don Mathis: Cybersecurity & Tech http://ift.tt/23WMhe8