A recent survey completed on behalf of The Hartford shows that small business in general still doesn't do much in terms of information security and privacy. There is still a "It won't happen to us." mentality in the small business community. This is despite evidence from sources such as the Verizon Data Breach Report that shows small business are increasingly being targeted in cyberspace.

Here are three reasons why small business are often targeted.

Read more: On The Whole, Small Business Ignores Security

It's official. We are at war again. Cyber war. On Friday the NY Times broke the story that Presidents Bush and Obama developed and unleashed the Stuxnet worm to cripple the Iranian nuclear facilities. This is the first time in US history that the government has publicly accepted responsibility for a cyber-attack. This is a game changer. Much like the A-bomb use of World War II, it signals a new frontier in combat. A new arms race if you will.

Should the US utilize any and all efforts to protect our citizens, our national interests, and our economic vitality? Absolutely. Are offensive or preemptive attacks a necessary military strategy? Yes. However we have opened a door that cannot be closed.

Read more: US is at war, cyberwar

In my role as a business owner and information security consultant I talk to a lot of people.  Some of these people are business owners or leaders like me.  Others are security or IT professionals.  There is one common theme that I see frequently.  Outside of the Fortune 500 circle (and even inside it at times) there seems to be a lack of clarity on IT risk management in the company. 

Read more: One Risky CEO

The IC3 2011 Internet Crime Report was recently released.   The IC3 is where many smaller crimes such as identity theft, email scams and other internet crimes are reported.  It does not cover all reported crime and is only an indicator or the trends we see across multiple industry sectors and reporting agencies. There are some very interesting numbers for the "Average Joe" and small business owner in this report.

Total complaints received: 314,246

Complaints reporting loss: 115,903

Total Loss: $485,253,871

Median dollar loss for those reporting a loss: $636

Average dollar loss overall: $1,544

Average dollar loss for those reporting loss: $4,187

This should be a wakeup call to all individuals and small business owners out there that internet crime is real.  It targets everyone.  When approaching small businesses to help them ensure information security we're often told "We're too small to be a target." or "We don't have enough revenue to make it worth the time to target us."  Hopefully this information will dispel that myth.  The average loss was $4,000.  How big does a company need to be before losing $4,000 at a time isn't worth the effort to stop it?

The FBI and other US agencies have issued a travel advisory for a cyber threat at international hotels.  You can read the full advisory here.  While we often think about the physical dangers US citizens face when traveling abroad, we often overlook the danger to information security.  Your data is a very large target.  It's important to remember that your personal property can be seized by any government for just about any reason.  We have some protections as US citizens while in the US, but very few protections in other countries.  I almost wound up in a Mexican jail and had my truck seized in Mexico while on a mission trip years ago for "speeding".  Paying my "fine" on the spot kept us out of jail.  Don't let your laptop, thumbdrives or other valuable data storage devices end up as "contraband".  Take only what you need and try to leave all your critical data at home and connect to it remotely.  You can't lose what you don't have.

The FBI has pushed back the date for shutting down the DNS server which served the DNSChanger malware sites.  The FBI reports there are nearly 500,000 systems still infected and using the rogue DNS server. 

Network administrators should check their systems at https://forms.fbi.gov/check-to-see-if-your-computer-is-using-rogue-DNS to ensure they are not impacted.  Once the deadline of July 9th comes, any system using the rogue servers will be unable to access the internet until the malware has been removed and correct DNS settings are restored.

By the way...All you Mac users out there?  This affects you too!  Anti-malware software really is a necessity on all platforms.