Small Business Cybersecurity Act Becomes Law

As technology entwines more and more with small business, we’ve watched hackers shift focus in their direction. The odds of success go up dramatically when attacking a small business typically due to lax cybersecurity. Larger businesses can utilize resources to protect their data that small businesses do not have.

In hopes of combatting this problem, August saw the NIST Small Business Cybersecurity Act signed into law. This law asks NIST (National Institute of Standards and Technology) to lay out “standard and method resources that small business may use voluntarily to help identify, assess, manage, and reduce their cybersecurity risks.”

Small Businesses Lose More

Why the sudden interest in cybersecurity? A larger business can more easily absorb the impact of a successful cyber-attack. Small businesses are attacked more and are less likely to recover from a successful attack. According to the SBA and CNBC, Small businesses make up 99.7% of employers within the U.S, and nearly 50% of them have experienced a cyber-attack. Do the math, and you can see how the impact can indirectly affect the general workforce.

The Law Offers Voluntary Guidelines

Most security experts consider the law to be a step in the right direction. However, the biggest drawback remains the fact that it’s voluntary. NIST will be creating guidelines and not regulations that must be followed. According to Francis Dinha, CEO of OpenVPN, guidelines aren’t enough.

“Many small businesses neglect cybersecurity because they aren’t aware and don’t understand the risks — so they don’t seek out solutions.”

Why would you look for a solution if you didn’t know you had a problem?

From Voluntary to Regulation

At Pit Crew IT, we’re betting that it’s only a matter of time before these “guidelines” actually become “regulations”. We watched it happen with HIPAA not long ago. Small and large businesses alike barely knew what HIPAA guidelines were until they became mandatory.

Get Ahead Of The Curve

We’ve figured for a while that the industry was heading in this direction. As a result, we keep our clients’ networks secure above current guidelines. You should never settle for “good enough” when it comes to cybersecurity. Albert Einstein once said, “If you don’t have time to do it right, when will you have time to do it over?” In terms of cybersecurity, you may not even get the chance. Don’t wait for regulations. Let us help you keep your business secure. Request a free consultation below.

Get a FREE IT Consultation!

Start Now