October is here, that time when additional attention is brought to the importance of cybersecurity. For some companies, it’s the time to reaffirm their commitment to the plans they already have in place or the strategies they intend on launching to further the defense against cyber-attack.
For other companies, cybersecurity month might be the trigger to assess their exposure to cyber-attack and to put a plan in place.
For whatever reason, thinking about cybersecurity and the risks that can come from a breach, ransomware attack, or loss of data, is always a good thing to do, not for just one month but throughout the year.
Cybersecurity should be on the minds of management and operations leadership throughout the entire year. The technical division should be given direction and the budget to secure the organization. All three divisions should aim to work cohesively towards one goal, and that is to ensure safe and secure operations.
Why do I say this? Well bluntly speaking, an ambitious hacker or bad actor doesn’t wait until it’s Cyber Hackathon Month to practice their skills on your company. They work at it all year long.
They prey on companies that have no security defenses in place. They focus their attention on the SMB space (Small Medium Business) 43 percent of the time, according to security statistics.
They know that most of these companies do not take security seriously enough. They also know that these companies may not have the right defense in place, which makes them an easy target.
Here are some humbling stats, courtesy of Varonis:
- 95% of cybersecurity breaches are caused by human error. (Cybint)
- 88% of organizations worldwide experienced spear phishing attempts in 2019. (Proofpoint)
- 68% of business leaders feel their cybersecurity risks are increasing. (Accenture)
- On average, only 5% of companies’ folders are properly protected. (Varonis)
- Data breaches exposed 36 billion records in the first half of 2020. (RiskBased)
- 86% of breaches were financially motivated and 10% were motivated by espionage. (Verizon)
- 45% of breaches featured hacking, 17% involved malware and 22% involved phishing. (Verizon)
- The top malicious email attachment types are .doc and .dot which make up 37%, the next highest is .exe at 19.5%. (Symantec)
- An estimated 300 billion passwords are used by humans and machines worldwide. (Cybersecurity Media)
So, what does this all mean? It means that ALL companies need to take IT security more seriously more often than just one month of the year. The topic of IT security needs to be moved to the top of the board room meeting agenda.
If you are unsure about where to start, or if you need to outsource your security, there are many companies that can assist you, including ours.
In the meantime, we have recorded several podcasts on security aimed at providing our listeners with the answers to the questions that are on their minds. Selecting a Service Provider, how to Identify the Corporate Crown Jewels, and what you Need to know about Security Compliance, are just a few of the podcasts we have available.
You can find these podcasts here https://secusolutions.com/podcasts/
We offer a free consultation online with anyone group or individual that is looking for direction. No obligation to purchase, just solid security advice from a company with 21 years’ experience in cybersecurity.
Use this link to secure your appointment today. We look forward to speaking with you.
https://secusolutions.com/schedule-appointment/
Jim Kootnekoff