Earlier this year, President Obama submitted a proposed budget increase of 35% to $19 billion of Federal resources as part of the Cybersecurity National Action Plan. The administration’s comments included stating that cyberthreats “could lead to widespread vulnerabilities in civilian infrastructures and U.S. government systems.” The Pentagon is looking for $34.7 billion for the period of the next 5 years, in part to increase offensive cybersecurity military capabilities.
Computer attacks were cited as among the most imminent security challenges facing the United States. Since that time, more and more reports have proliferated regarding cyberattacks across all sizes of businesses, as well as government entities.
Does Your Small/Medium Business Have a Cybersecurity Budget?
As an IT managed services provider, we find that many small/medium businesses (SMBs) believe hackers mostly target larger enterprises … and, as SMBs, they don’t have information that would be of great value to hackers. Unfortunately, this is a fallacy.
According to Tim Francis, Enterprise Lead for Cyber Insurance at Travelers, most of the cyber breach victims are SMBs, rather than larger national companies – noting that 62% of cyber-breach victims are SMBs.
External cyberthreat vulnerability
Cybercriminals, like terrorists, often prefer soft targets. Additionally, mobile security is becoming a greater risk for SMBs due to smartphone proliferation and associated mobile business applications. SMBs are targeted as they typically are not staffed with security experts and often have not adequately invested in a secure IT infrastructure. Vulnerabilities include information such as intellectual property, trade secrets, customers’ credit-card information, and employee sensitive information such as birth dates and social security numbers.
Internal cyberthreat vulnerability
Unfortunately, cyber threats are not just external. In actuality, employees are the single biggest threat to SMB security – including susceptibility to ransomware. Ransomware (form of an online extortion) is proliferating at an accelerating rate. Statistically, 25% of people who are sent a malicious e-mail will click a link that creates an open door for cyber threats. This month, The FBI’s Internet Crime Complaint Center (IC3) warned that e-mail originated malware leading to extortion campaigns are increasing. Victims of e-mail scams subject themselves and their companies to a variety of cyber threats. This includes being told that if a ransom is not paid, personal information such as names, addresses, and credit card data will be provided to the victim’s social media contacts, family, and friends. Also, businesses are threatened with critical data files being permanently corrupted and/or deleted.
Cyberthreat risk mitigation is facilitated by implementing several security measures
According to a Pricewaterhouse Coopers study, only 30 percent of small businesses tested their network defenses and security protocols … and only 31 percent of companies had a mobile security strategy. In addition to infrastructure and process audits, businesses can train personnel on best practices for security. For example, employees can be trained on how to avoid suspicious e-mail. Also, password policies can be implemented, including creating strong passwords and changing passwords on a regular basis. The National Cybersecurity Institute offers courses specifically for SMBS on how to secure information, identify threats, and protect against possible hackers. Cyber liability insurance can also be a consideration for SMBs.
Obviously, a key ingredient to establishing and maintaining adequate security is through allocation of a budget to infrastructure, processes, and training. An IT security risk assessment, performed with an outside expert assistance, is a good starting point to establish a baseline of security preparedness and deficiencies. For some SMBs, outsourcing cybersecurity can offer a beneficial option, rather than attempting to utilize in-house resources. In any case, SMB managers need to consciously determine their budgets for cybersecurity near term and longer term. As cybercriminals get more sophisticated, cyber threats will continue to proliferate – so security programs and budgets need to be implemented accordingly.
Consider Network Security Services
Well-planned, properly set up and successfully secured computer network is a top priority for a successful, resilient business that values it’s operations and protects vital business data.
Professional Network Security services added stability and security of your business information, including data files, email, and more. With clear network security policies in place, as part of our Intelligent Business Continuity plan, and through network security you get the ability to run your business as soon as possible even if a disaster or other incidents occur.
We can help you make sure your and your sensitive data is protected, and your business network is safe and secure. Do you have a budget for network security? Don’t know where to start? Let’s start a conversation.
Our local Managed Services IT experts can also provide your business with remote support and on-site visits. Call us today at 201-493-1414.