Cybersecurity Advice for Small and Medium Businesses
Raising cybersecurity awareness and sharing SMB information security success stories
Countless studies suggest that the smaller, less-funded, under-staffed, and oftentimes less aware businesses don’t have the means and wherewithal to stand up a cyber defense akin to what their larger cousins do. This is unfortunate, as this segment of the supply chain represent a significant chunk of risk - not just to themselves, but also to their business partners, and therefore, the supply chain as a whole.
The fact that it’s hard for these smaller companies to get a handle on their security posture doesn’t mean something can’t be done to address this risk. That’s where this Small and Medium Business column and webinar series comes in.
ITPSmagazine will be partnering with industry luminaries from around the world that have the first-hand experience and the expertise to help us raise awareness for this massive, underserved group of companies. In addition to raising awareness, we will begin to share stories of success and best practices that will help small- and medium-sized businesses take the first and subsequent steps necessary to address the cyber risks they face - increasing their security posture without breaking the bank.
Upcoming SMB Cybersecurity Webcasts on ITSP TV
The Full Webcast Series: Your Small Business Will Be Hacked - Because It Is Easy.
Some small and medium sized businesses make the assumption that because they don’t sell their goods or services online that they are not a target for cybercrime. Unfortunately, this is an assumption that is not rooted in reality. Unless the business - and it’s employees - are completely ‘off the cybergrid,’ so to speak, their connection to the Internet (think e-mail, a presence on social media, and even just a simple website) introduces risk that the business owners should at least be aware of. Sure, as a business owner, choosing to accept the risk is one option for dealing with it, but flat-out ignoring the risk could define the company’s success or failure. Join us for this webcast to learn about the cyber risks associated with your business being connected to the Internet, even if you don’t sell online.
EPISODE III | HISTORY OF CYBERSECURITY AND HACKING
This Episode is Sponsored by:
This episode is now available!
Hacking is not a new concept—it’s been around for as long as humans can remember. With each new technology introduced into society, people and businesses find ways to push it to the edge; getting more done, sometimes in new and exciting ways. Yet, at the same time, cybercriminals and other malicious actors are also pushing these same technologies to their own edge. Most business don’t think of the technologies they use in this way. Most only think of the business benefit they will get from their investment. The issue, of course, is that while they are looking at this innocently from their own perspective, cybercriminals are looking for ways to make a buck of their own. History repeats itself, however, and we can—and should—learn from the past. Join us for this webcast as we look back in time to apply the tried-and-true learnings and best practices to today’s business environment.
Diana Kelley, Cybersecurity Field CTO, Microsoft
Chris Roberts, Chief Security Architect, Acalvio Technologies
Gabriel Lawrence, GM Cybersecurity Protection, Toyota
Sean Martin, CISSP, Co-Founder and Editor-in-Chief, ITSPmagazine
Marco Ciappelli, Co-Founder, ITSPmagazine
MORE EPISODES ON THE HORIZON FOR THIS SMB WEBCAST SERIES
Episode IV: What is Cyber Security and Cyber Risk? Why Should You Care?
Episode V: How Can You Tell if You've Already Been Hacked?
Episode VI: Cyber Security Basics - Getting Started with Prevention
Published SMB Cybersecurity Webcasts on ITSP TV
More Cybersecurity Advice for SMBs
AN EXPERT PANEL STREAMED AND RECORDED LIVE FROM BLACK HAT USA 2017
Sean Martin | CISSP, Founder and Editor-in-Chief, ITSPmagazine
Russell Mosley | Director, Infrastructure & Security, Dynaxys
Rusty Sailors | Chairman, Protecting Tomorrow
Tom Caldwell | Senior Director of Engineering at Webroot
Small and medium businesses face countless threats, most of which have a human at their origin. These criminals, driven by financial gain, are essentially business owners – not unlike yourself – who are looking to spend as little money and as few resources as necessary to generate as much revenue as possible. Therefore, most cybercriminals target businesses that have one more more of the following attributes:
- Employees have access to computers, laptops, company email, POS terminals/tablets, customer service portals and other business resources that collect and/or store business and customer information
- The budget does not include cybersecurity protection measures
- The budget has little to nothing allocated for employee awareness training
- They think they are too small, have no useful information, are off the cybercrime radar, and are therefore not a target
Since most attacks aren’t really targeted in nature, that last point may not be too far off the mark. BUT this doesn’t mean that these business are off the hook. On the contrary, it means that it’s as simple as taking candy from a baby to breach an SMB. Why would cybercriminals spend a lot of money going after a Fortune 1,000 when they can spend just a few bucks to crack a small business?
During this live webinar, we explore the types of threats that small and medium businesses face and the business risk associated with these threats. It’s easier to get hacked than you think and it’s just a matter of time before it happens. Will your business be prepared? Are you doing everything you can to protect yourself beforehand?
Knowing that perfection is not possible, our panel of experts will look at 4 key steps that small and medium businesses can take to reach a reasonable level of cybersecurity:
- How to conduct an analysis in order to determine risk and the need to focus on cybersecurity within your business
- How to assess the cost of a breach, a loss of information and the impact that a cybersecurity event can have on your customers and partners
- How to create a plan to protect your systems, information, revenue and customers’ data
- Best practices for guiding your implementation: from segmentation to employee access control policies to information protection controls