Cybersecurity: Why your business needs prevention and protection measures in place (article)

Cybersecurity: Why your business needs prevention and protection measures in place (article)

Information security is the safeguarding of your organization's information and information systems from unauthorized access, use, disclosure, disruption, modification or destruction to ensure its availability, confidentiality and integrity. Loss of one or more of these attributes can threaten the continued existence of even the largest organization.

Any business provider that uses technology to conduct business and manage client information needs to know what’s at stake. Loss of confidential information and data breach liability are huge risks for businesses, especially when they don’t have proper cyber prevention and protection measures in place.

When cybersecurity is not part of your business process, it leaves a company vulnerable to a range of security issues. Last year, the average cost of data breaches reached over $3.5 million – a 15 percent increase from 2013.

The following are three key reasons why cyber prevention and protection are vital in 2015:

  1. Hackers don’t discriminate. In 2013:
    a.  61% of all targeted attacks were against Small and Medium size businesses.
    b.  There was a 91% increase in attacks against businesses.
    c.  There was a 62% increase in the number of breaches.
    d.  Over 552M identities were exposed via breaches.
  2. Advances in technology have made businesses more susceptible to breaches, making safeguarding
    one’s business more important than ever. In fact, small business cyber‐attacks nearly doubled from
    2011 to 2013 from 18 percent to 31 percent.
  3. Cyber breaches extend beyond a company’s firewalls; outside contractors also are included within the realm of risk.

When it comes to cyber security there are four key things every business need to know or do:

First, understand what’s at risk, know what assets are most valuable to the business and where these assets are supposed to reside, where they actually reside, who touches them and how access is managed.

Second, identify the holes in the organization’s defenses. For instance, at least once a year conduct a cyber vulnerability or penetration test to see whether any unintended parties can access critical assets.

Third, conduct security awareness training for employees. Studies have shown that up to 30 percent of data breaches are related to the operation of negligent employees’ or contractors’ (human factor) accidental release of private data.

Finally, be proactive to protect the business by:

  • accepting that security will be compromised;
  • considering ‘cyber’ in all activities;
  • focusing on critical information assets;
  • being prepared to respond; and
  • getting the basics right.

Being proactive and taking preventive steps to identify your sensitive information and the vulnerabilities that put that information at risk are critical to protecting your business.


Chris Roach

CBIZ Risk & Advisory Services
Houston, TX
Tel: 281.844.4239
Email: [email protected]

Cybersecurity: Why your business needs prevention and protection measures in place (article)2015-03-12T20:08:00-05:00