This subject has progressed:

""Small business leaders have to become security champions and communicate it to the staff," he says. "They have to explain to employees that security it not just about protecting the boss's Mercedes Benz. They have to understand that their W2s or tax refunds can be stolen, so cybercrime affects them, too.""

https://www.darkreading.com/application-security/half-of-small-businesses-believe-theyre-not-cybercr...

Yes or no?   What are your thoughts?

Regards

Caute_cautim

I understand, that the USA states that a Small business is one with under 100 employees and a Medium sized one has under 1,000 employees.    In comparison:  80 to 90% of all businesses in New Zealand have less than 100 employees - so does this make them tiny in comparison:

Some good advice from the UK on why Small businesses should adopt secure practices:

https://www.telegraph.co.uk/business/cybersecurity-for-small-business/fraud-prevention/

Regards

Caute_cautim

Part of my due diligence when I read an article is to see who/what etc is behind it.  If you read the second article you linked the above graphic is a link that takes you to a catalog of services that the same governmental organisation wants you to buy from once they have scared the crap out of you.  I'll lay down my snarky pen and pick up my analytical one:

1. As mentioned before, lets use one of my former customers as an example.  He is a baker.  Pastries, cakes, and other baked goods that my cardiologist would frown at are his specialty.  His wife, a sweet woman, handles all the back office stuff because he wants to do what he does best which is bake.  She is NOT an trained account but she knows that Quickbooks for business can help her run their small operation, handle their small payroll and get their quarterly tax reports to the greedy hands of the government.  She know nothing about computers except for the fact that she knows nothing about computers. That is why she hired me.  They know nothing about computer security beyond what they may get from the evening news, social media if they have a friend who posts about that sort of thing (like me!) or from the occasional email. But who wants to open that scary email?

2. Rinse repeat bullet point 1 for the owner of the printing company, hotel (not part of a chain), auto mechanic, etc.  The same case applies.

I think governmental organisations need to stick to their large enterprise environments and worry about keeping their own house in order. By extension, contractors to the Feds have to adopt increased security measures if they still want to play in that arena.  Sub-contractors to federal contractors should have to inherit the same security posture if they want to continue their role as well.  This makes sense and should be the norm.

Creating a panic by issuing the dumbed down version for SMB is not practical.  It's certainly not in the budget for these SMB's and is only a distraction.

@Flyslinger2 used the phrase "small to medium sized business in the DMV. "

For our International crowd here, DMV across most of the USA means Department (or Division) of Motor Vehicles. and refers to the state agency that registers and licenses vehicles. However, in Mark's usageABOVE it means Delaware / Maryland / Virginia, three contiguous states on the east coast with many regional businesses.

This local usage seems to be increasing rapidly in our area, and more often than not confuses me when I read it as the Motor Vehicle agency (who I had to pay this morning in Virginia). It also ignores the District of Columbia, which sits between Maryland and VIrginia. 

Maybe we should use DMDV or DMCV, or DMWV?

DCS, DSc

My only knowledge of the usage of DMV comes from local print and radio-they all refer to it as District/Maryland/Virginia.

My apologies for not being broader in my scope for responses.  Yes, this is an international community.