Last week, the U.S House Committee on Small Business held a hearing that addressed the federal government’s role in equipping small businesses to defend themselves against cyber threats.
During the hearing, titled “Small Business Cybersecurity: Federal Resources and Coordination,” Representative Steve Chabot, R-Ohio, said: “A cyber attack can have serious consequences, not only for small business, but also their customers, employees and business partners. Sixty percent of small businesses that fall victim to a cyber attack close up shop within six months. A 2014 survey from the National Small Business Association estimated the average cost of a cyber attack on a small business to be over $32,000.”
Members and witnesses at the hearing stressed the importance of a strategy to respond to cyber threats. However, the difficulty of maintaining an up-to-date system due to the constantly changing environment of the cyberworld.
Witness Maureen K. Ohlhausen, acting chairman, Federal Trade Commission, said in her written testimony: “The commission continues to reiterate its longstanding, bipartisan call for comprehensive data security legislation that would (1) strengthen its existing data security authority and (2) require companies, in appropriate circumstances, to provide notification to consumers when there is a security breach.
“Reasonable security practices are critical to preventing data breaches and protecting consumers from identity theft and other harm. Where breaches occur, notifying consumers helps them protect themselves from any harm that is likely to be caused by the misuse of their data.”