Protecting Against Cyber Attacks
Recent studies show that reports of data security breach incidents have skyrocketed from 774 in 2007 to 1,474 in 2015. High-profile examples of such breaches include T.J. Maxx’s breach of 45.6 million customer credit cards in 2007, Sony’s loss of 70 million records in 2011 and Yahoo’s breathtaking breach of one billion user accounts in 2016.
“There are so many vulnerabilities in data security, there is a good chance you’ll be breached,” saya Jing Wang, associate professor of decision sciences.
“We discovered that smaller firms felt they were too busy to focus on cybersecurity. The problem is, hackers don’t distinguish between large and small firms,” says Gwebu.
With such breaches increasingly commonplace, Wang and fellow Paul College researcher Khole Gwebu pooled their considerable talents and have launched a new research stream focused on the best ways for large companies to protect their reputations and economic assets following a breach.
But there was a problem.
“We didn’t feel our research was getting through to smaller firms,” Gwebu says. “We discovered that smaller firms felt they were too busy to focus on cybersecurity. The problem is, hackers don’t distinguish between large and small firms.”
To bridge the gap, Gwebu and Wang partnered in 2016 with the New Hampshire Small Business Association and Paul College Center for Family Business on a symposium to increase awareness of the risks and challenges of cyber security for small and medium-sized enterprises (SMEs). Several dozen New Hampshire SMEs spent the day learning about ransomware, password protection, viruses and data breach protocol.
Gwebu and Wang plan to use participant feedback to direct future research aimed at smaller businesses.
“Participants kept asking, ‘Where do we start? How can we take best practices designed for larger companies and scale them down in a low-cost way that doesn’t take lots of time or require vast resources?’” Gwebu says.
The good news is that any of the solutions that are eventually proposed, if adopted, are likely to have a profound impact on the state of New Hampshire, given that SMEs constitute a significant portion of the state’s economy.