When It Comes to Small Businesses and Cybersecurity, Doing Little Things Right Can Reduce Vulnerabilities
When addressing small businesses and cybersecurity, there is an issue: How to make these networks less vulnerable to attack when budget and resources aren’t always available.
Small businesses often face unique cybersecurity challenges. According to a report by the U.S. Small Business Administration (SBA), 88% of small business owners feel vulnerable to cyberattacks. These businesses are frequently targeted due to their limited resources for advanced cybersecurity measures, making them attractive targets for cybercriminals.
With small businesses increasingly in the crosshairs of cybercriminals, Dakota State University (DSU) is stepping up to fortify the frontlines of cybersecurity. Led by Joel Wohnoutka, Executive Director at DSU’s Applied Research Lab, DSU hosted and presented at GSX 2023 this year to spotlight and analyze progress from the university’s expansive initiatives. From ramping up its cyber graduate output to forging collaborations with intelligence agencies, DSU is making strides. A significant highlight is the Cyber Safe SD initiative, funded by the SBA, emphasizing the protection of small businesses. Through rigorous penetration tests and subsequent remediation, DSU is presenting its findings and positioning the Midwest as the next potential cyber hub.
Wohnoutka detailed some takeaways from the GSX 2023 learning session and stressed that small businesses don’t have to deploy an expensive arsenal of cybersecurity solutions if they concentrate on getting some basic principles and strategies effectively executed.
Joel’s Thoughts
“Anybody learns anything from today; it’s just go back, make sure we have secure password policies, educate your workforce whether you have ten employees, five hundred employees, or five hundred thousand employees, right? You know, we see a lot of that in the corporate structures, but it doesn’t get translated down to small businesses as much.”
Dakota State University’s Role in Cybersecurity
“So there’s a couple of different aspects. One, we’re raising awareness about South Dakota and our growing cybersecurity industry there. Specifically, at Dakota State University, we have our Madison Cyber-Labs and Applied Research that are really focusing on working with industry partners and federal agencies and just working to secure the nation. Dakota State has one of the top side security programs in the nation. The other side of that is we’ve been working on a project for the last year, just helping small businesses know a little about their infrastructure and how to secure it from a cybersecurity perspective.”
Building a Cyber-Resilient Workforce in South Dakota
“Dakota has a very strong cyber security program. Right now, we’re graduating eight hundred graduates a year in just our three prominent cyber security programs that go to state. A lot of our graduates are looking around the country, and they’re getting placed at really high-end companies, you know, Google, working for the government, etcetera. We think that South Dakota is a great place for many of those businesses to come and set up shop in addition to doing some federal government work and building up facilities in Sioux Falls and Madison, South Dakota, that support that style of working. We’re really looking forward to being able to offer our graduates a place in South Dakota to stay and raise their families.”
Addressing Network Vulnerabilities in Small Businesses
“What we’re seeing with small businesses in the region is just there is not capacity for the IT professionals that work in those businesses to focus on everything they need to be focusing on. So we’re trying to give them information about where they need to start looking so they can remain secure. Small businesses can range from three employees to five hundred employees, etcetera. So we’re looking to ensure everybody knows their network vulnerabilities.
Then we’re offering them solutions on how they can secure their networks, making sure something we’re really seeing most is just the ability to keep our devices up to date. We’re looking at vulnerabilities from 2008 that we can exploit on some of these small businesses’ networks. And it’s really just not having the capacity to know what’s on their network and maintain and ensure everything is up to date. So I would say that if anybody learns anything from today, it is to go back, make sure we have secure password policies, and educate your workforce whether you have ten employees, five hundred employees, or five hundred thousand employees.
We see a lot of that in the corporate structure, but it doesn’t get translated down to our small businesses as much. We’re just trying to raise awareness so that other small businesses can take that back to their companies when they go back to their hometown.”
The Shift to Cloud-Based Platforms for Cost Efficiency
“So Hardware is expensive, right? I mean, small businesses sometimes don’t have the financial capacity to do that. One thing we’re really stressing with some of our businesses that are able to do it is move to a cloud-based platform where they don’t have to support a lot of those infrastructure components. There’s still going to be that component, but being able to offload some of that be a monthly subscription instead of paying, you know, a hundred thousand dollars for an entire network setup upfront.
it’s just something that’s a little bit more enticing to some small businesses, especially as they’re just getting started.
It’s a lot easier for small businesses to get up and running. You might not be able to hire an IT person right up front. Sometimes, we see an owner of an IT company who’s just really good with computers and has been, but that’s not their primary job, duties, or background. So, offloading that and just getting up and running in less than a week is enticing to small businesses. And it’s great that we can do that now, but it’s some of the legacy systems that we’re seeing. They haven’t made that jump or that leap to the cloud yet, and it’s just all about timing for them, I think. There’s not been a lot of people educating them about what that can bring to their business, especially when there’s not one who’s in that industry.
We just started doing something at Dakota State recently: we partnered with Case New Holland. It’s a tractor manufacturer with a big presence in South Dakota. And we’ve just started looking at how AI has been involved in some of their research. A lot of that is controlled by an entire computer system on a tractor.
If that computer system is compromised in some way, what does that mean? Our crops in our industry. Obviously, in South Dakota, agriculture is one of our biggest infrastructures. We’re really interested in making sure that that is secured properly as well.”
Article by James Kent