Our country loves to celebrate with National Month of groups, events, or causes. Did you know there is a National Celery Month (March), National Novel Writing Month (November) and Smart Irrigation Month (July)? October is the host of National Cyber Security Awareness Month, first started over 10 years ago by Cyber Security Division within the Department of Homeland Security and the National Cyber Security Alliance (NCSA, a non-profit organization).
WHY SHOULD BUSINESS CA
Cybersecurity careers have never been more promising
Some topics we forget about during our business work days. We focus on ways to improve our profit, create competitive edge, and hire great staff. Some topics like annual budgets, employee reviews, and insurance assessments we tend to do just in time. CyberSecurity Month creates an opportunity to remind us to focus on a significant business risk.
Think about it – what would happen to your business if your customer information was stolen? Or a hacker accessed your bank account? How much would a day or a week of lost productivity due to a malware or ransomware attack impact your monthly revenue and sales goals? What about the customer service impact?
SIX MUST DO ACTIVITIES
1. Meet with your IT person, whether it is an in-house person or a vendor. Talk to him/her about what you see as risks and ask about risks he/she worries about. Find out what is on his/her wish list for your IT cyber security. It might be more training, a new policy for internet use or updated hardware. Listen closely to learn about where his/her fears are in protecting your business. And if they say everything is fine, get another IT person or vendor to look at your security measures. Your person is either not being honest with you or doesn’t understand the changing security risks. Cyber-attacks are very sophisticated and prevalent today.
2. Think about budget. Yes, another line item you must plan for in your annual budget. Security costs money. If you want to protect your intellectual property, financial information, and all things data, you must invest in security. Businesses that have physical inventory plan for security expenses such as employee security systems, property fences, and security guards. Data is as vulnerable if not more than physical inventory.
3. Talk with your Board of Directors and investors about the potential risks and your cyber security plan. They need to know what is at risk just as they do about other risks your company deals with. A great book that you and your board should read is Cyber 24/7: Risks, Leadership and Sharing by NCI Fellow Peter ODell.
4. Connect with a cyber-security specialist and a cyber-forensics specialist. You will probably need their services sooner than you think. Do not wait for a crisis before knowing who you can call on to assist you prepare and recover from a data breach.
5. Hold a staff meeting. Talk about cyber security with everyone on your payroll. Share with them why security matters and how they can help you protect your company. Give them key ways to protect themselves from being personally hacked and let them know how that applies to their work environment.
6. Talk with your insurance provider about cyber insurance. Different types of coverage are available. Learn about options to cover data breach recovery as well as insider hacking.
Be cyber safe. Don’t assume you will not be a hacker’s target. You are more likely to be a victim of a cyber-attack than a physical theft.