Small and Mighty: Cybersecurity for small and midsize businesses
Across Canada and throughout the world there is a new reality that has created an indelible impression on every person, business owner and public figure. This realty is founded on the fact that cybercrime is clearly now a pervasive threat in society and that cybersecurity has become a shared risk for all of us. And like any pandemic, it is a risk that is now a shared responsibility that will require a shared effort by all of us to control.
Fortunately, that effort is underway in both the public and private sectors. October is cybersecurity awareness month and the Government of Canada has created a 5 week curriculum to continue to educate the public on cybersecurity awareness and prevention. Cisco is also actively participating in the awareness effort and has released a cybersecurity special report that is designed to help small and midsized businesses. The report, titled ‘Small and Mighty’, is focused on how small and midsized business can fortify their defenses against today’s threats.
The Cisco report discusses today’s cyber threat landscape and illustrates how every organization, large or small, is at risk for an attack. Unfortunately, the report points out, small and midsize businesses are increasingly the focus of cyber criminals. Attackers view these SMB businesses as soft targets that have less sophisticated security infrastructure and practices as well as an inadequate number of trained personnel to manage and respond to threats.
According to Public Safety Canada’s Cyber Security Strategy report, cybercrime costs Canadians over $3B annually. Of particular importance to Canadian small and medium businesses, the US based Better Business Bureau recently concluded through a study that only 35% of SMB organizations are capable of remaining profitable for more than 3 months if they permanently lose data as the result of a cyberattack. The challenge to maintain cyber hygiene becomes even more relevant to small and midsized businesses with the impending legislation in Canada that requires on November 1, 2018 that all companies comply with the Personal Information Protection and Electronic Document Act (PIPEDA). This breach notification act requires any business to report a cyber breach if the attack is likely to create significant harm associated with the affected data loss.
So how does a small and medium business develop a strategy to operate in this new reality? It begins with the acknowledgement that cybersecurity must be a business priority and not an afterthought for an organization. Small and medium businesses need to develop a comprehensive cybersecurity strategy focused on prevention, detection and response to address this pervasive threat. Owners should consider working with an established security company that has the experience and resources to provide a Cloud to Core solution to optimize a security platform. A consolidated approach to cybersecurity is not only more efficient, but provides greater efficacy as well to help a business understand the cyber threat and how to respond. In addition, this approach is more likely to enable a Canadian SMB to meet the requirements of the Government of Canada’s forthcoming voluntary assessment and certification program designed for small and medium businesses. The future certification is intended to increase consumer confidence and better position SMBs to compete globally.
Ultimately, this is the new reality and its challenge can be met when we all work together. Let’s demonstrate the resolve to win this fight.