SMB's Often Play "Press Your Luck" With Cyber Security
Negligent employees are the no. 1 cause of data breaches at small and medium-sized businesses (SMBs) across North America and the UK, with 54% of IT professionals reporting that careless workers were the root cause of cybersecurity incidents. -Keeper Security and the Ponemon Institute, 2017.
Whether small, medium, or large, companies face a significant threat in the security of their data with insiders. It doesn’t matter if employees are happy or disgruntled. If your organization has a poor passwords policy, your employees routinely click on links, or have poor mobile device habits. Your company will have to deal with the challenge of spending all of this money on security devices and software only to have an employee cause damage.
The biggest difference between a SMB and a large corporation is how much money and time is it going to take fix the problem? Ransomware to a large company is a nuisance, ransomware to a SMB may mean going out of business. I had a SMB client go out of business because of a disgruntled employee who had access to a system that was out of scope for the job being performed. SMB’s are in the better position than large companies to make changes through security awareness training and hygiene principles, but unfortunately they tend to play “press your luck” when it comes to prevention. My advice, as we are in budget planning season, set some money aside, do a risk assessment and find out where you are vulnerable, and secure against your top risk.
Knowing is half the battle.