One of many common denominators that modern corporations face regardless of size, industry vertical and revenue is technical vulnerability. Without reiterating the monetary impact and disruption to business that IT attack’s result in, taking a proactive and engaged approach is your best defense. The reality of the starting point is that Canadian small and medium businesses are faced with obstacles right off the bat such as:
- Limited dedicated resources onsite to undertake IT Security initiatives
- Budget allocation to outsource their IT services to a 3rd party consulting firm specializing in cybersecurity and IT Audit
- Rising presence of CISO, CSO, IT Security Analysts, but not a norm
- CISSPs, CISA and other certified security practitioners most commonly employed at an enterprise institution
Albeit the magnitude of each roadblock differs depending on the particularities of the corporation, one trend seems to stand out: utilizing your network and communicating the difficulties surrounding IT security. For example, my colleagues in sales and marketing speak to customers in a consulting manner as the needs of each client are unique. In a perfect world, IT security would be standardized and equally adopted across all institutions, but it is not and for obvious reasons. Third party consulting firms and even government are setting the tone for what’s to come.
In the spring of 2016, Premier Peter Gallant, the Premier of New Brunswick opened the doors of CyberNB, a provincially funded cybersecurity research institute:
“He says the province can capitalize on the growth of cybercrime, which he pegged at being worth $400 to $500 billion a year in violations, by encouraging the growth of companies that fight it.” *
Though there are monetary motivations for his research institute, there is a clear and unequivocal connection between the technologies surrounding IT Security and ‘the people’ component. Perhaps we are often narrow minded and default to our reactionary beliefs:
If our IT Infrastructure is breached, we need X, Y and Z.
The resounding certainty appears to be the threat of breach is real for all of us, so let’s start taking the measures to get ahead of it. Canadian small and medium businesses are just as vulnerable to data breaches as global corporations. If you know you need to ramp up your IT Security, but your organization lacks the resources to get it done, you are not alone and others are starting to do something about it. Connect with someone on LinkedIN, reach out to your audit firm or ask someone at the office if they’ve heard about breaches or IT Security related exposures, but don’t ask about the devastation or monetary impact. Ask about what they did after, so that you and your employees are secure. There are great technologies in the marketplace but getting there requires that you take the initiative to reach out to seek IT security advice before it’s too late.