Introduction to Cybersecurity

America’s 28 million small businesses create about two out of every three new jobs in the U.S. each year, and more than half of Americans either own or work for a small business. Small businesses play a key role in the economy and in the nation’s supply chain, and they are increasingly reliant on information technology to store, process and communicate information. Protecting this information against increasing cyberthreats is critical.

Small employers often don’t consider themselves targets for cyberattacks due to their size or the perception that they don't have anything worth stealing. However, small businesses have valuable information cybercriminals seek, including employee and customer data, bank account information and access to the business's finances, and intellectual property. Small employers also provide access to larger networks such as supply chains.

While some small employers already have robust cybersecurity practices in place, many small firms lack sufficient resources or personnel to dedicate to cybersecurity. Given their role in the nation’s supply chain and economy, combined with fewer resources than their larger counterparts to secure their information, systems, and networks, small employers are an attractive target for cybercriminals.

The Department of Homeland Security (DHS) established October as National Cyber Security Awareness Month to educate the public and business owners about cybersecurity. As a small business owner, now is the time to take stock of your cybersecurity health, including the importance of securing information through best cybersecurity practices; identifying your risk and the types of cyberthreats; and learning best practices for guarding against cyberthreats. Understanding the threat environment and vulnerability can help small business owners make sound, risk-based decisions about investing in cybersecurity protection. The information and resources below are designed to help small employers better protect the data of their customers, employees, and business partners.

If Your Business Has Been the Victim of a Cyberattack