On October 18, 2018, the Federal Trade Commission (FTC) – along with the Department of Homeland Security (DHS), the National Institute of Standards and Technology (NIST), and the Small Business Administration (SBA) – unveiled a new cybersecurity campaign specifically designed to assist small businesses with limited resources. The campaign follows a series of FTC roundtables with small business owners to discuss their cybersecurity concerns, and the publication of an FTC Staff Perspective titled “Engage, Connect, Protect: The FTC’s Projects and Plans to Foster Small Business Cybersecurity.”

The campaign includes twelve modules on what the FTC calls “need-to-know” topics:

  1. Cybersecurity Basics
  2. Understanding the NIST Cybersecurity Framework
  3. Physical Security
  4. Ransomware
  5. Phishing
  6. Business Email Imposters
  7. Tech Support Scams
  8. Vendor Security
  9. Cyber Insurance
  10. Email Authentication
  11. Hiring a Web Host
  12. Secure Remote Access

Each module includes a fact sheet that addresses the issue with “harmonized advice from the FTC, DHS, NIST, and SBA” as well as training videos and quizzes. Andrew Smith, Director of the FTC’s Bureau of Consumer Protection (BCP), discussed the campaign at an event sponsored by the National Cyber Security Alliance (NCSA), which you can watch here. Going forward, we will continue to monitor the BCP Business Blog, which will feature additional campaign material in the coming weeks.