Cybersecurity: Priority or Liability for Your Company?

cybersecurity priority liability company 810x650
June 29, 2017

If a cyber-criminal decided to attack your business tomorrow, would they be successful? How easy would it be for them to gain access to your company’s sensitive information?

If you’re not sure how to answer those questions you certainly are not alone. Despite the steady increase in cybercrime, organizations still struggle to stay ahead. I recently finished a series of Tech Talk videos that focused solely on cybersecurity. It’s such a critical topic, and with our exposure at an all-time high, every organization needs to understand the critical nature of proactively protecting your company.

Access, Access, Access

Technology continues to rapidly permeate our lives through microchipped pets, the Amazon Echo, and even our refrigerators. Threats come from anywhere and everywhere. As more and more employees work remotely and/or login to work email on multiple business and personal devices, we have become more vulnerable than ever before. Hackers have lots of options when it comes to accessing information. They have also become increasingly sophisticated, especially in comparison to corporate America which continues to fall behind in cyber savviness. Are you connected to the internet? If so, you are vulnerable. Failure to have a plan is not an option.

Does Size Equal Risk?

I still talk to many small and midsized businesses (SMB) who think they won’t be hacked simply due to their size. They question why hackers would spend time on such small potatoes. While it is true that typically only the breaches that affect corporations on a large scale reach the news, they are certainly not the only ones targeted and attacked. Every day companies of all shapes and sizes find themselves in a breach situation. In fact, small- to mid-sized business may be specific targets because they have less protective measures in place and are easy prey. Don’t fall victim to the belief that company size dictates risk level, even the smallest of organizations should secure themselves including having a disaster recovery plan in place.

Underestimating the Threat

Cyber-attacks are only going to increase in frequency and destructiveness, yet on average only 3% of capital expenses go towards technology. So why isn’t cybersecurity a priority for many companies? There are several reasons.

“We have an IT department; they’ve got it covered.” Or do they? I am the first one to stick up for IT departments, but I can also assure you that they may not have things as under control as you think. The high demands on these employees result in being swamped with daily problem-solving. Putting out fires all day can quickly push other priorities down on the list.

Technology is overwhelming. If I asked you to explain ransomware or phishing, could you? Probably not, because it’s not your job to understand these terms. Unless you are a proud IT geek (like me), you may start zoning out when you hear technical jargon. Often this leads to relying on minimum security measures like virus protection. If this describes you, I would strongly encourage you to find an experienced IT group to work with you on beefing up your security.  Rely on experts now rather than needing to call on them to rescue you from a devastating breach down the road.

How Much is Enough?

We’ve talked a lot about implementing cybersecurity measures, but is it enough? Unfortunately, there is no such thing as a perfect solution. Despite your best efforts, there is no guarantee that your company will never be a victim. The key here is to be proactive so that if you do suffer a breach, the impact will be much less significant.

A disaster recovery plan is just as important as embracing security measures. A good plan should outline the process and procedures needed for your business to recover from an infrastructure breach. It helps eliminate the need to figure out next steps while you’re in panic mode. But it’s not enough to just have a plan, make sure it is reviewed regularly and updated accordingly. Waiting to have a plan after you an attack isn’t going to be very helpful.

Next Steps

I can’t stress enough the importance of making security a priority, but I also understand that it can be overwhelming. Don’t feel as though you need to come up with cyber strategies on your own. Diving into the world of technology can be complicated, but there are cybersecurity experts who can quickly identify your areas of vulnerability and make recommendations to strengthen your systems to keep your business safer. If you are ready to start feeling more confident in your technology, contact me today for a quick and easy vulnerability assessment.

Phil Keeney - Stambaugh Ness

Categories: Technology