We see headlines such as “Capital One Suffers Data Breach Affecting Over 100 Million Across America” all the time. Sadly, the more we see headlines like these, the more desensitized we are to them. We see our personal information exposed such as names, email addresses, and even social security numbers as a normal everyday occurrence. Some of us hear these headlines and take the time to monitor our credit, change our passwords, and invest in addition coverage. Most of us do nothing at all and will unfortunately just brush this off until it’s too late. What makes us believe that we are immune to the reality behind these data breaches?
Change Your Mindset
Small/medium sized organization business executives are the biggest culprits of this dismissive mindset. They are also, ironically, the largest targets at risk. We constantly hear C-level executives ask “why should we invest in a [cybersecurity] program that we will probably never actually need?” Well, why do you buy car insurance if you may never get into an accident? Why do you put money into a retirement fund when you may not even reach the age of retirement? A cybersecurity investment should be treated the same way because, unfortunately, cybersecurity incidents are becoming part of our everyday lives. Investments up front provide stability and reassurance for the future.
Prevent, Detect, and Respond to Cyber Incidents
It’s not just about the future protection and recovery for the “what ifs”. A true program will also provide ways to detect and prevent incidents from occurring as well. Programs such as cyber awareness training for your employees is important for the same reason you would teach your children how to ride a bike before sending them off on their own. Managed detection and response technology should be just as ordinary as installing a smoke detector in your hallway with an automatic fire department notification system. It is important to protect yourself and your organization from all angles. Your company may not be large enough to make headlines, but it’s never too small to suffer from a data breach.
Enterprise Corporations vs. Small Organizations
The large corporations that are making the headlines such as Target, Facebook, Equifax, and Capital One will eventually be able to repay and recover from their lost costs because they are financial giants. Breached SMBs will have a much more difficult struggle to survive. In fact, according to a recent study by IBM, small businesses face disproportionately larger costs relative to large organizations. The total cost for large organizations with more than 25,000 employees averaged $5.11 million per breach, which is $204 per employee. Smaller organizations with less than 500 employees had an average cost of $2.65 million per breach, or $5,300 per employee. Thus, smaller organizations have higher costs relative to their size, which can hinder their ability to recover financially from the incident. Can your organization afford to lose $5,300 per employee per breach?
Organizations that choose to remain unprotected jeopardize their financial standings, reputation, and overall livelihood. We need to take all data breaches seriously. To protect your proprietary information before a data breach destroys your organization, we suggest two preventative actions. First, you should check if your corporate credentials are compromised by running a dark web scan on your company domain. Simply request it by using this link https://kybersecure.com/dark-web-scan/. Second, you should create a plan to update or establish your cybersecurity plan. We can help you find the right place to start by running a gap analysis on your current policies, procedures, and technology. Go to https://kybersecure.com/nist-csf-gap-analysis/ to learn more.