No business wants to deal with a cyber hacker, but small businesses especially don’t want to have to deal with one. The experience could be economically fatal.
That’s why the Small Business Development Center of Michigan recently announced it has developed a new — and free — risk assessment tool for small businesses. The initiative, Small Business, Big Threat, can be found online at smallbusinessbigthreat.com. The website was formally introduced in its pilot phase Dec. 4.
“At the end of 2015, the Michigan SBDC … received a grant from the federal Small Business Administration to focus on raising the awareness of small business for hacking,” said Keith Brophy, state director of the Grand Rapids-based Michigan SBDC.
“The grant from the SBA was a grant for $190,000. That grant is the core funding behind www.smallbusinessbigthreat.com. That encompasses program development, program offerings and the ongoing campaign of raising awareness,” Brophy said.
“We’ve been able to take this initiative forward with a high emphasis on efficiency compared to the ground we have to cover. We really wanted to get a lot of leverage out of that grant.”
Statistics show that the vulnerability of small business and the focus of hackers on small business have increased significantly over the last five years, Brophy said.
When a small business is attacked and undergoes a cyber security breach, the consequences can be significant: lost time, diversion of focus and crippling financial impact. In many cases, small businesses are not able to recover.
“We’re seeing a doubling of the preponderance of threats … to small business over the last four years, and that’s not going to change,” said John Hey, chief operating officer at the Grandville-based integrated IT company Trivalent Group, which served as the lead content production partner and cyber security experts on the project.
That is precisely why they created the Small Business, Big Threat online assessment tool, which allows a small business to take a free online assessment of its cyber security, Hey said.
The tool then matches small businesses with immediate feedback and a wealth of additional follow-up information. Brophy described it as not a “self-contained resource, but a first landing point for small businesses.”
So far the website has received positive feedback, he said, particularly because of its relevance to small business owners. Often, cyber security awareness is either written for “techies,” who already know the lingo, or for larger businesses.
“Traditionally, (these kind of websites) are targeted at a techie or the IT staff or the consumer. We’ve tried to make the information relevant to a small business — a non-techie small business that might not have an IT staff,” Brophy said.
“One reality of the small business world is owners don’t have a lot of time. It’s a precious resource … so we recognize that as we service this information to the small business community, we have to service it in a way that is time-efficient, high-impact. We’re continuing to evolve the presentation of the information.”
Due to the nature of cyber crime’s ever-changing landscape, SBDC designed the online tool so it could be maintained with relevance and ease, Brophy said.
The online tool features support from the state of Michigan, but it was purposely designed so anyone from anywhere in the country could use it, although the grant is targeted to help Michigan small businesses and its awareness raising is targeting Michigan and its teams, he said.
“Our ultimate goal is to help the small businesses of Michigan have a more savvy understanding of staying safe in this new and changing world. There’s far more cyber threats in 2015, soon to be 2016, than businesses faced in 2010,” Brophy said.
“One of the interesting aspects of cyber security is it’s not always just one perspective. There can be a difference of perspectives from experts on how to address an issue, and then technology keeps merging quite rapidly. We picture that our questions will continue to be refined and the issues will be refined over time.”
The new initiative takes a combination of approaches to help small businesses fight preemptively against cyber criminals, he said. Aside from the website, the initiative also includes webinars, seminars, in-person training and more to help keep Michigan’s small businesses safe.
According to the SBDC, hackers might target small businesses because those are the kind of business that usually don’t have the resources or expertise to either fight off cyber attacks or follow up during the aftermath. Small businesses generally also don’t understand the context of cyber attacks, making them more vulnerable.
“We have been piloting this program for a few weeks now and have seen notable results from participants,” said Jennifer Deamud, SBDC of Michigan associate. “We are confident that Michigan small businesses will benefit from this tool and be more prepared to fight cyber threats.”
The initiative is available for all small businesses, particularly those engaged in international trade or in underserved communities. It will allow a small business to put a face to who the hackers are — whether they’re across the street, across the country, or across the world, Hey said.
“Security is an interesting aspect to measure because it’s hard to measure what didn’t happen through one’s efforts,” Brophy said.
“Our goal is to have 1,000 individuals from the Michigan small business community experience the Small Business, Big Threat site by the end of 2015. Additionally, we hope to have 10,000 individuals experience the site by the end of 2016. Increasing the cyber security awareness of 10,000 people makes for a safer, more vibrant business economy.”