Owners of and partners in small businesses, please take heed: It’s time to revisit your cyber policy.
Most of you think, “Thanks for the advice, but that won’t be necessary.”
Some, if not all, will say, “Cybersecurity is a concern. We’ve seen how ransomware has been in the news and affected local organizations. But don’t worry; we have it under control.”
I’m sorry to say that willful ignorance will not work.
Why? Because despite frequent newsletters and emails from Managed Services Providers (MSPs) like myself, many business owners disregard the hard work required to ensure their business remains operational.
Also, last year’s cyber program will not be enough to address tomorrow’s cyber challenges. Even if your business has successfully addressed cyber-attacks and ransomware threats, newer, more vicious dangers will arise. Sadly, the bad actors are improving as fast or faster than the good guys.
Neglecting cybersecurity can:
- Undermine the reputation of your business with your clients.
- Force unacceptable expenditures associated with cleaning up after security breaches.
- Cripple your ability to conduct your daily business until the threat has been identified and remediated — costing you thousands, if not hundreds of thousands, of dollars.
So, what steps can you take?
To begin, I’ve never met a business owner who said that cybersecurity is unimportant. While true, I’m exaggerating. Most business owners don’t necessarily consider it a priority, if at all. But they acknowledge actions I take, like patching their servers and desktop computers and offering business continuity and incident response plans, are essential.
However, their actions often don’t match their words. I frequently encounter a business owner who checks off the box when their insurance comes up for renewal without giving more thought to the problem.
My job is to make cybersecurity a priority and a core part of everyone’s business environment. In some cases, you will hear me discuss cyber protections more than I have in the past — only because I’ve seen some ramifications when businesses fail to heed common sense measures. Business owners should want advisors on how to lower the risk to their business. Often, that’s not the case.
Next, some business owners think cybersecurity is just a minor aspect of technology. But cybersecurity is a business risk issue that will either strengthen or harm your business. Security experts agree that what is needed is a robust system of training, followed by understanding and actions that start with the business owner and that all employees or staff follow.
There are many ways to improve cybersecurity risk management. These methods include identifying, protecting, detecting, responding to, and recovering from inevitable cyberattacks. But irrespective of your procedures, your employees, clients, business partners, vendors, and others you interact with need to see you — as a business owner — step up and lead those cybersecurity measures.
The start of a new year is a perfect time to realign — or even start over — on cybersecurity. Theodore Roosevelt once said, “In any moment of decision, the best thing you can do is the right thing, the next best thing is the wrong thing, and the worst thing you can do is nothing.” Just make sure you do something!
Thanks, and safe computing!