TL; DR: The first thing you should know about cybersecurity is it’s not reserved for mega-corporations with millions of customers and personal data. Cyberattacks can happen to anyone — and many attackers specifically target small businesses because they often don’t have the proper knowledge, tools, or resources to combat these threats. Through work with the Free Cyber Clinic, Yoohwan Kim, a computer science professor at the University of Nevada, Las Vegas, is leading efforts to educate and safeguard local businesses from cyberattacks.

In a world where cybercriminals are getting more adept and technology is advancing at an unprecedented rate, cybersecurity is a crucial tool that everybody should know about. Just as you would look both ways before crossing a street or ensuring your oven is turned off before you leave the house, integrating cybersecurity is another layer of protection in our everyday lives.

This is especially true for small businesses, which are primary targets for cyberattacks. In fact, small and medium-sized businesses (SMBs) faced nearly 700,000 cyberattacks in 2020 alone.

Yoohwan Kim, a computer science Professor at the University of Nevada, Las Vegas (UNLV) with decades of cybersecurity experience, works to help safeguard local small businesses from online threats. Professor Kim collaborates with students and other professors in the university’s Free Cyber Clinic to offer complimentary education, resources, and assessments to fortify these businesses against potential cyber risks.

A Bullseye on Small Businesses That Are Prime Targets for Cyberattacks
For the past 19 years, Professor Kim has taught computer science at UNLV’s Department of Computer Science. During his tenure, he’s also authored more than 150 studies on topics from blockchain technology to cybersecurity, making him one of the leading US computer security researchers.

“I was initially researching DDoS attack prevention,” Professor Kim recalled, referring to 2001 before he got his Ph.D. from Case Western Reserve University. “Around that time, there was a major DDoS attack — and it drew me to cybersecurity, which eventually became the focus of my dissertation.”

Now, as a professor of computer science, Professor Kim also helps spearhead UNLV’s Free Cyber Clinic, which aims to arm small businesses with the knowledge and resources to stay secure online.

Since its formation in 2021, it has helped multiple small businesses assess threats and educate SMBs on improving their cybersecurity posture.

The problem? Many SMBs don’t think they’re a target at all.

A pie chart showing cyber attackers target SMBs more than all other sized businesses combined.

“These businesses can range from one-person operations to those with around 20 employees,” said Professor Kim. He explained that small businesses are targets for a couple of reasons: “Smaller companies often lack IT expertise, and their founders are usually busy with other responsibilities, leaving them vulnerable to cyberattacks.”

While SMBs could easily hire someone to upgrade their security or perform an audit, the problem is that cybersecurity services are expensive — often costing at least a few thousand dollars. But this isn’t surprising when considering the cost of a cyberattack on SMBs with fewer than 500 employees averages around $3.31 million.

Small business owners must realize that regardless of size, every organization is vulnerable to cyber threats. Even companies with just a few computers can be targeted. Professor Kim says acknowledging this threat is the first step.

Then, they can explore online resources, such as the Cybersecurity and Infrastructure Security Agency (CISA). They should focus on implementing basic security measures, like changing default passwords, activating multifactor authentication, and staying informed about cybersecurity best practices.

“With just a couple of hours of effort, they can strengthen their cybersecurity defenses,” said Professor Kim.

Free Cybersecurity Resources Through Local Business Partnerships
UNLV’s Free Cyber Clinic started when Kim realized the gap in cybersecurity with small businesses, so he and his students formed a group that can assist and educate local small businesses with cybersecurity.

Now, the Free Cyber Clinic partners with UNLV’s Nevada Small Business Development Center (SBDC) to identify clients who could benefit from their services.

The clinic currently offers three types of assistance: assessment, remediation, and education. They visit clients to examine critical assets and analyze any risks or vulnerabilities that need to be addressed. Then, they recommend solutions to discovered problems and offer assistance when implementing them. Additionally, they provide information and resources to clients who need a deeper understanding of cybersecurity.

So far, the clinic has been successful. The progress has been so steady that the Free Cyber Clinic organized its first cybersecurity clinic workshop in Washington, DC, in June in collaboration with the Consortium of Cybersecurity Clinics.

“We use resources from organizations like the Office of the National Cyber Director (ONCD) and CISA, which provide us with tons of knowledge and support,” added Professor Kim.

UNLV has also been designated as a National Center of Academic Excellence in Cyber Defense (CAE-CD) by the NSA. UNLV is among a select group of universities in the nation that have received this designation.