Today’s security landscape consistently shows data breaches, compliance failures and other security weaknesses for businesses of all sizes.
Hackers make headlines every day and consumers have started to care about online crime because it’s a reality, and no company or individual is immune.
So why, then, do some executives continue to be in denial about the state of their company’s cyber security? Let’s outline and debunk a few fatal flaws in their thinking:
“Sophisticated hackers don’t care about us.”
No business is too small for cyber thieves — in fact, according to the 2018 Verizon Data Breach Investigation Report (DBIR) 58% of victims in 2017 were categorized as small business.
The idea that only the big guys like Hyatt, Hilton and Home Depot are being targeted is obsolete — hackers see that SMBs are acting lackadaisical when it comes to their security, making for an easy target. They’re also using SMBs to gain access to the larger, more lucrative company hacks.
“Some level of breach is inevitable.”
As devices and technologies continue to evolve, so do cyber threats. More devices, more data, more network traffic means more insecurity. And shortages in savvy security talent are not helping.
While it’s accurate to say that most businesses today, no matter the size, have been or will be targeted by online criminals, some executives think it’s simply the cost of doing business online. Thinking that security measures will never stack up is a lazy mentality and one that will likely eventually cost someone his business.
“We can recover.”
Eighty percent of top execs don’t equate compromised confidential data with the loss of revenues. Reality check: The average cost of a data breach is $3.62 million globally, $141 per data record according to the Ponemon Institute. Which constitutes a reduction on the average cost compared to 2016, but the average size of data breaches has increased. That is no small fee, especially for an SMB.
“Cybersecurity is too costly.”
There’s a perception that securing data is both expensive and challenging, possibly causing a barrier to business operations. This is no longer the case. As outlined in the numbers above, prevention is cheaper than clean-up.
However, there are steps you can take to save, such as taking a look at your existing security portfolios: Are your current tools already failing you? Are they suited to the current security environment? Can those dollars simply be moved into what attackers are currently after, which is data?
If the cost issue is around staffing, consider whether your in-house team is savvy enough to keep the business up to speed. And, if not, or if they need guidance, consider working with a third-party managed security provider to assist.
IT teams will need to take the lead in educating senior leadership about preventative planning and security measures to address vulnerabilities and manage risk. If this doesn’t happen, businesses will begin to crumble. By working with top managed security service providers, internal IT teams can begin a concentrated effort to maximize their IT systems and processes.