|[February 27, 2014]
Attorney General Kamala D. Harris in Collaboration With Lookout Issues Guide for Small Businesses to Protect Against Cyber Attacks, Data Breaches
SAN FRANCISCO --(Business Wire)--
Attorney General Kamala D. Harris today issued recommendations to
California businesses to help protect against and respond to the
increasing threat of malware, data breaches and other cyber risks.
"My office issued this guide to support California's businesses and
ensure a robust economy," Attorney General Harris said. "Technology has
created new opportunities and new risks for California businesses,
including cyber attacks. This guide offers specific, straightforward
recommendations to help businesses continue to thrive by reducing cyber
security risks to employees and customers."
The guide, Cybersecurity in the Golden State, provides recommendations
focused on small to mid-sized businesses, which are particularly
vulnerable to cybercrime and often lack the resources to hire
cybersecurity personnel. In 2012, 50% of all cyber attacks were aimed at
businesses with fewer than 2,500 employees and 31% were aimed at those
with less than 250 employees.
Click here to view Cybersecurity in the Golden State: https://oag.ca.gov/cybersecurity
The guide is a product of a collaborative effort between the California
Attorney General's office, the California Chamber of Commerce and
Lookout, a mobile security company.
"Prevention is the best medicine. Not only does the guide prvide useful
information to reduce the threat of cybercrime, it highlights the need
to be proactive in preventing data breaches. This is good for California
businesses and consumers," said Allan Zaremberg, President and CEO of
the California Chamber of Commerce.
"Security should not be viewed as a technology problem; it needs to be
viewed as a business problem. If companies take a more proactive
approach to security, they mitigate issues related to cyber risk," said
Kevin Mahaffey, co-founder and CTO at Lookout. "We're happy to
collaborate with Attorney General Harris to identify the steps
businesses can take to improve their security practices -- for companies
of all sizes."
Key Recommendations for small business owners:
Assume you are a target and develop an incident response plan now.
Review the data your business stores and shares with third parties
including backup storage and cloud computing. Once you know what data
you have and where it is, get rid of what is not necessary.
Encrypt the data you need to keep. Strong encryption technology is now
commonly available for free, and it is easy to use.
Follow safe online practices such as regularly updating firewall and
antivirus software on all devices, using strong passwords, avoiding
downloading software from unknown sources and practicing safe online
banking by only using a secure browser connection.
In 2003, California was the first state to pass a law (AB 700) mandating
data breach notification, which requires businesses and state agencies
to notify Californians when their personal information is compromised in
security breach. In 2012, companies and state agencies subject to the
law were required for the first time to report any breach that involved
more than 500 Californians to the Attorney General's Office (SB 24).
That first year, The Attorney General's office received reports of 131
data breaches, which placed the personal information of an estimated 2.5
million Californians at risk. More information is available here: http://oag.ca.gov/news/press-releases/attorney-general-kamala-d-harris-releases-report-data-breaches-25-million
Attorney General Harris created the eCrime Unit in 2011 to identify and
prosecute cyber crimes such as hacking, theft of intellectual property,
identity theft, on-line fraud and extortion and identity theft. Attorney
General Harris also established the office's Privacy Enforcement and
Protection Unit in 2012 to enforce federal and state privacy laws
regulating the collection, retention, disclosure, and destruction of
private or sensitive information by individuals, organizations, and the
[ InfoTech Spotlight's Homepage ]