Cybersecurity remains a top concern for small and midsize businesses, which often don’t have the same resources available to combat cyber-attacks that large corporations do, according to cybersecurity experts who presented to lawmakers in Washington last week.
“Sixty percent of small businesses that come under cyber-attack go out of business within three months,” said Israel Martinez, CEO and chairman of Axon Global, a cybersecurity consulting firm whose clients include Fortune 500 and Global 1000 companies. “In some cases one hour of AI botnet activity can outperform 10,000 person hours of effort.”
Martinez (pictured above) was one of three speakers at a luncheon sponsored by the Association for Corporate Growth and the National Center for the Middle Market, presented on June 26 in conjunction with the Congressional Middle Market Growth Caucus, a bipartisan coalition of legislators who shed light on issues of concern to middle-market companies.
Other speakers included Thomas A. Stewart, executive director of the National Center for the Middle Market; the Honorable John W. Lainhart IV, director and cybersecurity executive at Grant Thornton’s public sector; and Daimon Geopfert, principal, risk advisory services group at RSM.
“Traditionally, hackers would have to break a business, poke around the network, escalate their access level, eventually find the right information and then sneak the data out of the environment,” said Geopfert, before commenting on the relative ease in which ransomware attacks can now be carried out. “Then they had to find another buyer on the black market– who they couldn’t trust as far as they could throw them, make the exchange, and finally launder the money. This was slow, hard to hide, and expensive.”
“Now, all they have to do is break into the client environment, lock the systems and data, and tell the victim to buy bitcoin and send it to X bitcoin wallet,” he said. “No middleman–fast, cheap and easy. When you think of hackers you think of the traditional black screen with green font and some guy typing out code, but anymore it’s actually pre-packaged, easy-to-use interfaces that low-skilled attackers ‘rent’ per day. The knowledge required to be a world-class hacker has gotten very low.”
All speakers emphasized the importance of cybersecurity laws being passed which implement frameworks (similar to the NIST Framework), versus one-off laws requiring that specific technologies be used. The technologies specified in any bill will more than likely be obsolete by the time the law is actually passed.
The caucus is co-chaired by Ohio Rep. Steve Stivers, Colorado Rep. Jared Polis, New Jersey Rep. Tom MacArthur and Arizona Rep. Kyrsten Sinema.
For more information on the House Middle Market Growth Caucus, and ACG’s public policy efforts, please contact firstname.lastname@example.org