The recent attacks on our nation’s digital infrastructure through the compromise of small- and medium-sized businesses (SMBs) underscore the urgent need to close a critical gap in our nation’s cyber defenses.
When we think about cybersecurity, we tend to think at a macro level — about state actors, and state secrets; about hacks of millions of online identities; about threats to critical infrastructure. And when we think about remedies, we tend to focus on digital giants and national or multinational policymaking. These policy solutions are necessary and appropriate, but they are not sufficient. The threats we face — as a nation, and as individual consumers and citizens — are not restricted to the macro level. As the saying goes, a chain is only as strong as its weakest link. Today, that chain is our economy’s supply chain, and our SMBs are its weak link.
SMBs, which are constrained by limited resources and unable to invest proportionately in cybersecurity, expand our risk exposure. Bank of America CEO Brian Moynihan said during an appearance on Face the Nation that eighty percent of America’s businesses have fewer than 10 employees, and 95 percent have fewer than…
