Five of the most prominent intelligence agencies in the world are teaming up to help small businesses (SMBs) become more secure.
The United States intelligence community, along with its counterparts in the UK, Canada, Australia and New Zealand (collectively known as the Five Eyes) issued a set of guidelines aimed at helping SMBs shore up some of the more common avenues threat actors use to infiltrate networks.
According to the agencies, the aim of the guidelines is to help small businesses, particularly those in the technology sector, better guard against hacking attacks from state-sanctioned threat groups.
“Sophisticated nation-state adversaries, like China are working hard to steal the intellectual property held by some of our countries’ most innovative and exciting startups,” said MI5 Director General Ken McCallum.
“The Five Eyes Secure Innovation advice we’re rolling out today forms part of our response.”
In general, the guidelines explain a number of best practices companies should adopt around areas such as appointing security managers and maintaining a clear inventory of assets and potential risks.
The guidelines also include advice for managing data on third-party services and managing data access from partners.
In addition to protecting from nation-state threats, the agencies also offer tips on how to guard data from unscrupulous competitors and run-of-the-mill criminal hacking groups that operate without government backing.
Some of the more skeptical readers might point out that the Five Eyes offering security advice betrays a stunning lack of self-awareness on the part of the five intelligence agencies famous for spying on the better part of the free world.
Documents leaked by Edward Snowden show that in many cases the Five Eyes were more than happy to exploit poor OpSec in the name of collecting intelligence. It could be said that asking them for security advice is akin to polling wolves on the best way to secure your chickens.
Still, the agencies maintain that they are acting in the best interests of the business community with the belief that by better securing the private sector at home, they will be better able to protect the government sector.
“By joining up with our allies and offering consistent advice, we are making it easier for companies working across the world to take steps to keep their ideas and products secure,” said McCallum.