Skip to main content

Last year, we heard from small business owners about their cybersecurity challenges at a series of roundtable discussions the FTC hosted with some of its partners. What we learned is that small business owners need and want information on how to keep their computer systems and business data safe. So we’re planning to provide that to them. Later this year, the FTC will launch a small business education campaign on cybersecurity, in partnership with other federal agencies.

Specifically, they told us they want clear, easy-to-use resources about cyber threats and how to deal with them. Most business owners we met said they’re concerned about human error — their own employees or themselves doing something that inadvertently would compromise the business’ systems. Phishing schemes, ransomware attacks, tech support scams, and imposter scams are among their top cybersecurity concerns. Mobile device security, cloud security, wireless connections, email authentication, and what to look for when purchasing web hosting services are also topics they’d like to know more about.

The FTC business education campaign will cover those and other cybersecurity topics based on what we learned at the roundtable discussions. With these materials, business owners will be able to learn more about cybersecurity and train their employees, and will add to the resources currently available at FTC.gov/StartwithSecurity.

We share our plans for this business education campaign and other specifics about what we heard from small business owners in the new FTC’s staff perspective report Engage, Connect, Protect: The FTC’s Projects and Plans to Foster Small Business Cybersecurity. If you want to be notified when the campaign materials are ready, send us an email to smallbizcyber@ftc.gov or stay tuned to this blog.

It is your choice whether to submit a comment. If you do, you must create a user name, or we will not post your comment. The Federal Trade Commission Act authorizes this information collection for purposes of managing online comments. Comments and user names are part of the Federal Trade Commission’s (FTC) public records system, and user names also are part of the FTC’s computer user records system. We may routinely use these records as described in the FTC’s Privacy Act system notices. For more information on how the FTC handles information that we collect, please read our privacy policy.

The purpose of this blog and its comments section is to inform readers about Federal Trade Commission activity, and share information to help them avoid, report, and recover from fraud, scams, and bad business practices. Your thoughts, ideas, and concerns are welcome, and we encourage comments. But keep in mind, this is a moderated blog. We review all comments before they are posted, and we won’t post comments that don’t comply with our commenting policy. We expect commenters to treat each other and the blog writers with respect.

  • We won’t post off-topic comments, repeated identical comments, or comments that include sales pitches or promotions.
  • We won’t post comments that include vulgar messages, personal attacks by name, or offensive terms that target specific people or groups.
  • We won’t post threats, defamatory statements, or suggestions or encouragement of illegal activity.
  • We won’t post comments that include personal information, like Social Security numbers, account numbers, home addresses, and email addresses. To file a detailed report about a scam, go to ReportFraud.ftc.gov.

We don't edit comments to remove objectionable content, so please ensure that your comment contains none of the above. The comments posted on this blog become part of the public domain. To protect your privacy and the privacy of other people, please do not include personal information. Opinions in comments that appear in this blog belong to the individuals who expressed them. They do not belong to or represent views of the Federal Trade Commission.

William D
April 17, 2018

I hope it proves successful to ward off what seems to be daily hacks and threats to a small business and handcuffs us from some operations as well as expensive fixes.

Cpm1511
April 13, 2018
i am interested
blingdiva
April 13, 2018
Very interested in this critical information.
Jw18
April 14, 2018
Me too!
Jw18
April 14, 2018
I am interested as well.
Stop small bus…
April 17, 2018

Small business owners should also be concerned of their employees including security guards participating in group stalking, and voilating customers privacy by spreading their information to other companies where their friends might work at.

Hacker Combat
August 10, 2018
Very Interesting News
Eileen Callejas
November 24, 2018
One topic that was a serious and increasing threat to our small family owned and operated restaurants this past summer was the use of cyber rating sites and tools (facebook, yelp, google maps) by individuals or persons posing themselves as writing for media publications or being online-influencers. There was an increased-anomaly to the rare trend in the attempt to threaten and extort free meals for friends and family from our restaurant, by threatening to post a bad review online, following an illogical/unfair complaint. (Such threats are often made after the complainant has already consumed over 75% of the item or meal in question.) Beligerant behaviors sometimes accompanied the on-site complaint(s) if staff refused to "comp" an entire meal, or an entire table of the complainant's friends'/family's consumed meals. Because of new "fairness regulations" in ratings and reviews postings- We experienced difficulty in requesting that suspicious, fake, and predatory/bullying reviews be removed from some online sites; because the reviews themselves were not being read with the inclusion of the live or online bullying-influencer behaviors that were also connected to the comments or onsite incidents. During the "fake-profile" infestation of social media, it also became very difficult to determine who was an actual customer, and who was a 'fake profile' lodging a false review or directly messaging the restaurant's social media platforms in search of free items in the resolution of complaints. Targeted Cyber-Bullying of Small Businesses / Ethnic Businesses is now real, and it is also a cyber/real-world security threat for small business owners' families and the other on-site guests they serve. A bad review that is honest and earned is one thing. A threat of cyber-bullying and the extortion of goods from real, fake, or influential customers is a frightening new cyber-social issue for communities.