Four Cyber Security Issues Every SMB Should Address Going Into 2019

PamelaPassman.png

Cyber attacks are on the rise – last year there were 53,000 cyber incidents, according to Verizon’s latest Data Breach Investigation Report. This news is tough for all companies, and particularly for small and medium-sized businesses (SMBs). According to the Ponemon Institute's 2017 State of Cyber Security in Small & Medium-Sized Businesses Report, the percentage of small businesses that have experienced a cyber attack in the past 12 months is up from 55% in 2016 to 61% in 2017.

Through the interdependencies that define supply chains, the security of global businesses rest on the security of small to medium-sized counterparts.

The cyber vulnerability of SMBs is concerning for business of all sizes, especially for global companies with value chains that include a myriad of smaller businesses. SMBs that are more susceptible to cyber security breaches become the targets of attacks ultimately aimed at permeating an entire value chain. Therefore, through the interdependencies that define supply chains, the security of global businesses rest on the security of small to medium-sized counterparts.

Webinar: Cyber Security and Insider Threats: Turning Policies into Practices

To understand how to support the cyber security of our SMBs, we first have to understand how networks and infrastructure of SMBs are being compromised in the first place.

The Cyber Readiness Institute has identified four key issues:

  1.  Authentication: A weak password is an easy access point to your most sensitive information and system.
  2. Patching: Patches are updates to your software and systems that contain important security remedies.
  3. Phishing: Phishing is an email-borne attack that attempts to use your email account to do something malicious.
  4. USBs: USBs and removable media devices are easy gateways for malware to infect your computers.

White Paper: Cyber Security Best Practices - The Ethics and Compliance Effect

The team at the Cyber Readiness Institute firmly believes that SMBs’ cyber readiness shouldn’t have to be expensive or complicated. For that purpose, the Cyber Readiness Institute has launched an accessible, self-guided Cyber Readiness Program that SMBs can access globally and free of charge. The Program offers an array of practical tools and resources that were developed and tested by a team of leading experts in business and cyber security, all to make cyber readiness easy-to-use for small and medium-sized organizations throughout the world.

The Cyber Readiness Program approach:

  • Focuses on preventive measures for organizations and outlines actions to execute when incidents occur.
  • Creates an organizational culture with cyber readiness embedded in how people do their job.
  • Enables organizations to reduce cyber risk in practical ways, aligned with the nature and mission of the organization.
  • The Cyber Readiness Program is self-guiding, with an internal Cyber Leader driving execution.


Learn more about the Cyber Readiness Program: cyberreadinessinstitute.org


What do you have to say? Share your thoughts in the comments below or join a discussion group on Compliance Next.


Action Not Perfection: DOJ Revisions to Yates Memo Still Prioritize Individual Accountability

DOJ revisions to the Yates Memo have some wondering if there is going to be a departure from the department's focus on individual accountability. This is not the case. Instead, changes appear to be designed to make enforcement more swift. 

Previous/Next Article Chevron Icon of a previous/next arrow. Previous Post

The Motivating Factors Driving White-Collar Crime (Part 2 of 3)

Any conversation around white-collar crime, needs to drill down into motivations. What drives people – who are often seen as exemplary in many other ways – to commit criminal acts. That is what we will focus on here in part two of our white-collar crime series. 

Next Post Previous/Next Article Chevron Icon of a previous/next arrow.

Comments