The notion of security in the workplace isn’t a new one, but the pandemic underscores the importance of network security.
With the onset of the COVID-19 pandemic, many office-based companies transitioned into home-based operations. In the process, they disregarded many protocols in the name of maintaining productivity, but now is the time to reassess the approach to security.
The number of cyberattacks continues to increase, and far too many home-based and small-to-medium-sized businesses (SMBs) are unprepared for an attack — despite the news coverage of so many incidents.
Many SMBs do not have in-house IT resources, and their security budgets are often minimal or nonexistent. It may be part of their DNA to go it alone and avoid hiring such resources, but compounding the problem is that many organizations’ leaders view the matter as falling outside of their day jobs, opting to focus their attention on operations and growth.
The risk is real
If the pandemic caused many businesses to slow down or adjust their plans, hackers didn’t miss a beat. They remain ready, willing and able to attack, and their methods are growing increasingly sophisticated; that trend is likely to continue as the world emerges from the pandemic.
In a pre-pandemic report, Accenture noted cyberattacks and their associated costs were rising. The report indicated new work “arrangements,” specifically the more frequent use of remote workers and contractors, made employee training a more urgent need.
Many companies might be tempted to dismiss the threat as one only facing larger organizations, but that would be unwise. Accenture research also found 43% of online attacks target small businesses, and a meager 14% are prepared to defend themselves.
The problem is only worsening; since the start of the pandemic, the FBI said it has seen a staggering 300% increase in reported cybercrimes. According to IBM security, the average cost of a security breach is $3.86 million.
The first step is to acknowledge the problem
It is impossible to fix a problem without first recognizing it. But even after a company acknowledges it may have a security weakness and vows to take action, many do not know where to start.
As a first step, organizations should conduct security and risk assessments, examining operations, architectures, policy compliance, and privacy policies.
The goal isn’t to find fault or look for a scapegoat for any previous missteps but to find weaknesses before a hacker exploits them. It’s about evaluating current capabilities to protect information and manage associated risks.
Once SMBs have a security solution in place, they often don’t have the resources — or the wherewithal — to maintain it over time, making them more vulnerable.
As a result, SMBs opt to do nothing, increasing their security risk when they should be mitigating their exposure. The hackers will be ready to act, even if you aren’t.
Prepare today for the reality of tomorrow
Success in the brave new world requires a new way of thinking. Leaders can no longer attack a problem such as cybersecurity the way they previously did.
Even if the world is starting to emerge from the throes of the pandemic, the cybersecurity threat will remain ever-present. The world will not return to “the way it once was;” the workplace landscape has forever changed.
Security is not a one-and-done affair. It must be embedded into an organization’s culture, and individual team members must recognize it is everyone’s responsibility. A chief security officer may take the lead, but everyone has a role to play — and the smaller the organization, the more critical individual team members are to that mission’s success.
The best security protocols are worthless and destined to fail if the entire organization does not buy into them.
Small business owners face enough challenges. Navigating the ever-expanding cybersecurity landscape shouldn’t be one of them.
Do you feel prepared to face the future cybersecurity challenge?