Blame Game
Heartbleed, BladeLogic, Backoff: These aren’t the names we remember. All too quickly we forget the lurking threat of malware and its perpetrators, while their victims’ names linger in our collective consciousness. We remember the scandal, but forget the warning.
Technologies are evolving exponentially, with hackers riding the wave of progress toward malevolent ends. Executives and IT experts alike struggle in what feels like a losing battle. Lately, conversations over the varied nature of cyber responsibility have been intensifying.
As a CEO or business owner, maintaining an efficient and secure business is your overarching duty. And contrary to common belief, executives’ responses to data security warnings walk the thin line between early detection and a full-scale breach. Livelihoods and reputations hang in the balance. So before a security breach wreaks havoc on your life’s work, take time out for a candid conversation about risk. Bring your ‘A’ game, include your team, and trust that together, we can pin down a comprehensive solution.
Hammer Time
Sifting through cybersecurity news, we find a persistent refrain: Denial. Call it what you like—rejection, refusal, negation, or dismissal—IT workers consistently encounter a nonchalant attitude when warning of system vulnerabilities. Such a blasé approach figured heavily in a recent and already notorious data breach. The New York Times reports that as far back as 2008 alarm bells were sounded—and ignored:
"Several former employees said they were not surprised the company had been hacked. They said that over the years, when they sought new software and training, managers came back with the same response: 'We sell hammers.'"
To objective observers, it seems unfathomable that a giant, multi-national chain could fail to see the forest for the trees. Yet, when we scrutinize our own lives, our own businesses, we may discover a similar tendency toward denial, and the proverbial it-could-never-happen-to-me syndrome. Folks, we are walking on thin ice and the hammer's about to drop. Seriously—Are You a Low Hanging Fruit? Here’s the point: It’s not what you sell, it’s how you sell it. Cash has become all but obsolete, and data storage is less tangible than ever. Hackers are searching for an unguarded entry point. Holding customers’ personal data in your system or storing it in the cloud without adequate security measures is their ticket in.
“There are three types of companies: companies that had a cyber issue, companies that are going to and companies that are in the middle of one
and haven't figured it out yet.” ~ Robert Parisi, Marsh & McLennan
Let’s be frank—Many business owners have a hazy idea of the dangers menacing their businesses. And not without cause: Cybersecurity is not every CEO’s forte, nor is it expected to be. For this and other reasons, warnings are met with indifference, time and again. It would seem that a lack of knowledge is generating a lack of urgency. Regardless, the fingers point at a company’s management when things go wrong.
Unfortunately, it seems we have allowed insular thinking to cloud our vision. When taking the stance that ‘my business is too small to be a target,’ threats and the need for protection are easily downplayed. At the same time, some larger enterprises are taking note. Their increased security measures compel cybercriminals to shift their gaze toward the low-hanging fruit.
The 60 Percent
Not surprisingly, the Federal Government is taking notice of the data breach epidemic. Chris Collins, chairman of the House's Subcommittee on Health and Technology cautions that many small businesses “have a false sense of security and believe they are immune from a possible cyber-attack." He continues,
“Although attacks on small businesses don’t make the headlines, … nearly 20 percent of cyber-attacks are on small firms with less than 250 employees. Unlike a large company, small businesses may not be able to survive a cyber attack.”
Chairman Collins highlights a sobering truth. According to statistics, nearly 60% of small businesses are not able to weather the cyber storm, and will be closed within six months.
IT experts realize the danger. Government officials acknowledge the severity of the threat. ‘Should haves’ from affected companies are constantly in the news, and increased automation enables cybercriminals to hit more targets than ever. Put plainly, there is no justification to postponing the security of your business.
We're Here to Plug the Whole
If you’re unsure as to the next step forward, Zinc agents can help light the way. While procedures and safeguards you enact will be specific to your needs, certain variables apply across the board:
Which employees have access to online payment systems or other secure accounts?
Are passwords complex and frequently changed?
Is a policy in place to manage employees’ internet use?
Are mobile devices exposed to unsecure networks? Are they used for storing both personal and business information?
Is customer data encrypted?
Do ex-employees retain authorization within your network?
In addition to the above risks, fees associated with a data breach—disclosure, legal costs, compensation, etc.—are enough to break a small business. And according to Ponemon Institute, security breach costs are on the rise globally. Compound the monetary risk with the resulting distrust from previously loyal vendors and clients, and the damage to a company’s reputation can be irreparable.
Now that the risks are clearly in mind, let’s work on protection. When it comes to implementing protective measures, open communication with your IT staff is key. Also essential is an incident response and crisis management plan, which could ultimately save your organization hundreds, if not thousands when you’re left picking up the pieces. It must be emphasized: A multi-layered approach to protection is vital. So whether a solid business insurance policy can carry your company’s risk, or a robust cyber insurance policy is more suited to your needs, coverage informed by risk is a safe choice.
At Zinc, we applaud your readiness to safeguard your business, employees and clients from the dangers posed by cybercriminals. We also acknowledge that while crucial, assessing both current and anticipated needs can be daunting. There is no need to go it alone, and the complexities needn’t lead to paralysis. Give your trusted Zinc agent a call, and we can break it down, together. So while you are in the trenches, we can do the shopping. Our team will evaluate your needs and find the cyber insurance policy that best fits them. As always, your best interest is our priority. From practical tips, to the ideal policy: we have you covered.
