Small businesses must follow the law, report cybersecurity breaches
For the cybersecurity story, I reached out to multiple sources to connect with businesses that might have experienced a breach. Everyone (except franchisees that are associated with national breaches) declined to talk because they didn’t want to be associated with such a story.
When I looked at the 12-page list of businesses that have reported data breaches this year in the state, I recognized names of medical companies, larger corporations, colleges and state agencies, but I didn’t see a lot of small, retail businesses.
Craig Petronella, president of Petronella Technology Group in Raleigh, likened the situation to someone who never visits a doctor, so they don’t know what diseases could be lurking underneath their skin.
Small-business owners are more likely to mistake a malware intrusion as a “pesky nuisance,” he said.
“Big deal,” they think when they get popups or their computer is going to weird websites, he said. Instead of assessing the possible implications of such an intrusion, he said, they take it somewhere to be repaired.