WASHINGTON, April 25 -- The Senate Small Business and Entrepreneurship Committee issued the following testimony by Russell Schrader, executive director of the National Cyber Security Alliance, at a hearing to examine preparing small businesses for cybersecurity success:
"Founded in 2001, the National Cyber Security Alliance (NCSA) is the leading neutral nonprofit, public-private partnership devoted to strengthening America's cybersecurity through awareness and education. We believe cybersecurity is an economic and security issue best addressed through collaboration among industry, government, academia, consumers and NGOs. We bring together stakeholders to discuss cutting-edge issues and create and execute high-quality, large-scale education and awareness programs. Currently, our primary partners are the U.S. Department of Homeland Security (DHS) and our Board of Directors, representing leaders in the technology, financial, insurance, hospitality and telecommunications industries.
"NCSA's core educational and awareness campaigns include National Cyber Security Awareness Month (co-founded and led with DHS), Data Privacy Day, STOP. THINK. CONNECT.(TM) and Lock Down Your Login. The most recent addition to NCSA's portfolio, and the one I think best aligns with the topic of this hearing, is our CyberSecure My Business(TM) initiative.
"Today, many businesses nationwide continue to think they are too small to be a target of a cyberattack. These businesses often lack the human, technical, financial and legal resources their larger counterparts have at their disposal. NCSA's goal is to help entrepreneurs and small businesses across the country improve their cybersecurity through targeted workshops aligned with the NIST Cybersecurity Framework. We also tailor our programs to include compliance information for state data breach notification law.
"As the CyberSecure My Business cornerstone, we've translated the NIST Cybersecurity Framework into simple language and have incorporated it into our introductory-level, in-person, highly interactive three-hour workshop hosted in communities throughout the U.S. The workshop is designed to empower non-technical small businesses to improve their cybersecurity. We target companies like the local butcher, barber, pediatrician, etc. who may not have information security backgrounds, nor perhaps someone on their staff with this capability. They still, however, need to protect their highly valuable information and assets. It is important to keep in mind that they have some of the country's most prized intellectual property to protect like employee and customer data. In addition, many are suppliers of goods and services to larger organizations, including the federal government. CyberSecure My Business workshops share actionable steps organizations can take to make positive changes in their behaviors, processes and technologies to reduce their vulnerability.
"The workshops are held in six to eight locations nationwide each year and are intended to empower non-technical, small businesses to improve their cyber posture. Each in-person training can reach 125 businesses. We convene state Attorneys General, the U.S. Small Business Administration, the Federal Bureau of Investigation's InfraGard, Federal Trade Commission, law enforcement, Chambers of Commerce, Better Business Bureau chapters, Small Business Development Centers and others. Small businesses not only leave armed with tangible resources they can use to better secure their digital and physical assets, they also gain an awareness of the support network available at their fingertips.
"The program is supported by national sponsors from private industry, which enables the workshops to be conducted at no cost to the business. Seeing trusted, national brands alongside respected government agencies sends a clear message to businesses that the public and private sectors have joined together for the their benefit. This public/private effort is critically important and a fundamental component of our CyberSecure My Business programing because it brings various stakeholders and support systems in one room to share a dialogue along with local, state and national resources.
"In the five workshops we have completed to date during our national CyberSecure My Business tour, a total of 615 people have joined us, averaging 123 attendees per workshop.
"We also supplement our workshops with a CyberSecure My Business webinar series, featuring federal and private sector partners in collaboration with NCSA staff. Since the inception of the webinars in October 2017, we have had 3,050 participants internationally. The webinars are hosted on the second Tuesday of the month from 2:00 - 3:00 pm ET.
"NCSA applauds the role federal agencies play in providing small businesses with the resources and tools they need to become cybersecure. In addition, NCSA continues to promote these resources to the community along with our own materials. We will also continue to support cross-agency and public-private collaboration when it comes to the development of these much-needed cybersecurity resources and training. Cybersecurity is a shared responsibility, and the more work that is done on a national level to deploy standards and to shift liability to the merchants, the more support we need to dedicate to helping the businesses prepare. I look forward to the opportunity to talk with the committee about ways NCSA works with stakeholders to fund and deliver these much-needed and highly useful programs in connection with the enforcement actions and strong protective stances you continue to take.
"Chairman Risch, Ranking Member Cardin and distinguished Senators, thank you for the opportunity to present this testimony."
© 2018 Targeted News Service, source News Service