If you can’t see it, it doesn’t exist, right? When an ostrich senses danger he buries his head in the sand. In fact, he doesn’t, it’s an old wives tale that still sticks today, but it has spawned a few theories that psychiatrists call the “Ostrich Effect.”
Apparently, the ostrich effect is prevalent in humans. It is our natural instinct to avoid unpleasant or difficult news or situations. It’s the “out of sight out of mind”, “if you don’t see it, it doesn’t exist strategy”. Unfortunately hiding from a problem doesn’t make it go away. It just continues without you. In fact, the ostrich effect just delays the inevitable.
This is the state of cybersecurity in the small to medium sized business market today. The threat exists. It’s real. It’s growing. It is not going away and if we continue to bury our heads in the sand, it is going to get much worse. So, what do we do?
First, we acknowledge the problem. Second, we seek to understand it. Third, we accept our responsibility and discover strategies to prevent and defend ourselves and others. Remember that when it comes to cybersecurity, you are not only protecting yourself and your company, you also have a responsibility to protect your customers. Your desire to stick your head in the sand when it comes to cybersecurity protection is a blatant disregard for your customer’s safety and well-being. That’s why statistics show that companies lose 60% of their clients after a data breach where personally identifiable data is exposed.
So let’s get our heads out of the sand and take a real look at the problem. Here are a few things to know.
- Cybercrime is expected to cost the world over 6 trillion (that’s a “T”) dollars by 2021. That’s only four years from now.
- SMBs are under attack as cybercriminals understand SMBs have fewer resources and far less protection than larger entities.
- Half of all cyberattacks are against SMBs.
- Ostrich Effect statistics: 77% of SMBs say their companies are safe from cyber-attacks yet 83% of them have no formal cyber security plan.
- 6 out of 10 SMBs do not have a contingency plan should they undergo a cyber-attack. Most are not aware of the laws in their state regarding responding and reporting a cyber breach.
- 66% of SMBs say they are not worried about a cyber-attack.
- Most SMBs do not have policies in place to provide procedures for employees in the case of an attack.
- While most small businesses feel that they have adequate protection for themselves and their customers, Visa, Inc. reports that SMBs represent over 90% of payment data breaches.
- Most small businesses do not have any cyber security training in place for their employees while 83% of breaches are caused by untrained employees being duped by phishing and spear phishing activities.
Understanding the scope of the cyber security problem facing businesses today is difficult to comprehend. The global nature of the problem, the sophistication of the criminal element at work, the damage to reputations, the loss of business opportunities, and the financial impact is almost unfathomable. When we consider the impact of cybercriminal activities, for people, business, and the world economy, we measure it in millions, billions, and trillions. Simply stated, millions of businesses, hundreds of millions of people, and billions and even trillions in global currency are at stake. The problem is so large that cybercrime has the power to disrupt the global economy. Given the scope of the problem and the potential damage it presents, what do we do? Interestingly enough the answer is not as complicated as you may think. It involves accepting the problem as a clear and present threat, taking proactive steps to protect yourself, your company, your customers, and continuing education and training. Accepting that the threat is a clear and present danger is easy. It requires us to understand the ostrich effect. Denial is not a solution. The sooner we lift our heads from the sand and look around the sooner we can deal with the problem. Once we are aware, we can take steps to prevent and protect. The National Cyber Security Alliance has published a list of simple steps all SMBs can take to start a solid cyber security foundation.
- Understand what you need to protect: Look at where your information is being stored and used, and protect those areas accordingly.
- Enforce strong password policies: Passwords with eight characters or more and use a combination of letters, numbers and symbols (e.g., # $ %!?) will help protect your data.
- Map out a disaster preparedness plan today: Don’t wait until it’s too late. Identify your critical resources, use appropriate security and backup solutions to archive important files, and test frequently.
- Encrypt confidential information: Implement encryption technologies on desktops, laptops and removable media to protect your confidential information from unauthorized access, providing strong security for intellectual property, customer and partner data.
- Use a reliable security solution: Today’s solutions do more than just prevent viruses and spam; they scan files regularly for unusual changes in file size, programs that match known malware, suspicious e-mail attachments and other warning signs. It’s the most important step to protect your information.
- Protect Information Completely: It’s more important than ever to back up your business information. Combine backup solutions with a robust security offering to protect your business from all forms of data loss.
- Stay up to date: A security solution is only as good as the frequency with which it is updated. New viruses, worms, Trojan horses and other malware are born daily, and variations of them can slip by software that is not current.
- Educate employees: Develop Internet security guidelines and educate employees about Internet safety, security and the latest threats, as well as what to do if they misplace information or suspect malware on their machine.
You have worked hard to build your business. You have invested time, energy, resources, and your passion into your company. Now is NOT the time to be an ostrich! The world is changing and it’s time to pull our heads out of the sand and fight back against those who would steal our livelihoods.
Our company, The Tek, is on a mission. Our mission is to help you protect your company. Our pledge is to offer you common sense affordable cyber security solutions that work. It’s just that simple.