CEOs of many small and medium-size companies read headlines about cybercrime and shrug them off.
Their attitude? Hackers only target the big guys.
“They're in denial,” says Bruce Parkman, chief executive officer for MainNerve, a Colorado Springs cybersecurity company. “And lack of attention from the top of a company is one of the strongest signs that a business is headed for trouble.”
Here are four dated attitudes that put a business at risk for a security takedown: 1. “Hackers would never go after us! We're not big enough.”
Companies of all sizes are at high risk for devastating security breaches. In fact, small and medium-size businesses may well be even more vulnerable. Security breaches set off waves of bad publicity for Sony, Target and Home Depot. “But they're still in business,” says Parkman. “A small or mid-size company hit is not likely to recover. For them, data theft is a life and death issue.” 2. “We invest in a firewall and the latest software. We're safe from cybercrime.”
The best technology in the world is no guarantee of security. Computer crime is growing across the country, with thefts, viruses and shakedowns blindsiding private companies, municipalities, government agencies – even police departments.
“It's not a matter of if, but when your company will be hacked,” says Parkman. “No matter how strong your technology or infrastructure you cannot be 100 percent safe. Millions of companies are hacked on a daily basis. It's going to happen to you.” 3. “Our IT department is trained in cybersecurity. They can handle whatever comes.”
An IT department, even a very good one, is not coached or prepared to take on the biggest challenge of a cyberattack: responding quickly and effectively. “It's no longer about defense, about keeping people out,” says Parkman. “It's about identification and response.”
In the event of a cyberattack, companies should have a response plan, called a “playbook,” ready with the technical, public relations and legal measures to be taken.
Without a playbook, “people run scared and don't know which way to turn,” says Parkman. The more quickly and professionally a company is able to identify and respond to a hack, the better its chances for controlling damage and getting back to business as usual. 4. “There's no use worrying about hacks. We have bigger fish to fry.”
For scrappy small and medium-sized businesses battling for growth and market share, ramping up to handle cyberintrusion can seem like a stretch. Yet these are precisely the companies that need help most. They often don't have the budgets to attract the attention they need from one of the larger cybersecurity companies. But they face increasingly perilous odds both of being hacked and for being held for civil and criminal penalties in the event consumer data is stolen.
In fact, more than 10 million companies formerly exempt from HIPPA Security Rule laws protecting consumer electronic health records are now required to be compliant. A single violation can incur $1.5 million in fines and criminal penalties.
Small and medium-sized companies grappling with higher risks and new standards have a new option: hiring a defense-grade cybersecurity firm to help train and prepare staff before the unthinkable happens.
Main Nerve was founded to serve and protect small and medium-sized businesses with cybersecurity training and services developed for the U.S. Special Operations Command and the U.S. military. MainNerve is affordable. Unlike some of its competitors, there are no startup costs, no capital required and no integration or installation charges required to get started on establishing a defense-grade security program.
Call MainNerve today, 877-889-6600, or request more information at our website. Ask about our risk assessment service and learn how MainNerve can put defense-grade cybersecurity measures to work for your company.
Sponsored by Main Nerve