Most business owners lump everything “computer-related” as an IT problem.

They often believe the IT person or company is accountable for all cybersecurity issues, which is a problem.

Most IT providers aren’t doing much to address their part by improving their services and communicating clearly with their clients, which is a problem.

This is NOT a technical discussion, but a business discussion, and YOU, the business owner, have a very significant role in the outcome. You need to speak the same language. Just like ordering a Tall Skinny at Starbucks, do you know what you will get?  Your IT company must explain things in common terms and you must question when you don’t fully understand what is being said.

Managed IT Services promotes “we are your trusted IT department”, but the person or company providing this service is living with opposing beliefs – what they think their role is and what YOU think their role is.

We aim to close the chasm between what the “IT guy” can do and what the CEO expects them to do.

Typical Managed IT Services include antivirus, anti-malware, email protection, firewall protection, hardware, and software patching, which, at one time, was all that was needed…but that is no longer the case.  The changing threat landscape requires new safeguards. A comprehensive security program is now required to prevent loss of data, loss of business continuity, loss of money to fines and mitigation, etc.

That’s where the CEO/business owner comes in. You and your company’s leadership, not just the IT department needs to understand a few things:

The Problem: Know your Risks

• 58% of cyberattacks target small business
• 86% of small businesses don’t have the ability to mitigate risks
• Businesses have an average of 10 vulnerabilities per system

The Importance: How much Impact are the Risks?

What Level of Risk are you willing to accept.

The Solution: Mitigate your Risks

The Cost: Do nothing vs Implement solutions.

What is the true cost to the business?

• Recovery Fees
• Fines
• Legal Fees
• Reputation Damage
• Business interrupted by investigation and downtime
• Telling your customers
• In 2017, cyber-attacks cost small and medium-sized businesses an average of $2,235,000
• 60% of small companies go out of business within six months of a cyber attack
• 75% of small businesses have no cyber risk insurance

So, let’s ask the question – Who is Responsible? Is it the IT Department / Company responsible for the breach? Surveys say, 40% believed that the CEO would be first on the firing line, followed by the CISO (21%), “Other” (15%) and CIO (14%).

• Your employees cause most breaches, by accident or by a malicious insider.
• 94% of malware is delivered via email, about 9 malicious emails per user per month
• 44% of data breaches are at the hands of vendors / third party business associates, but human error and stolen passwords accounted for 26% of breaches.
• If you have a password policy, 65% of respondents say they do not strictly enforce it
• Usually, recommendations from an IT provider are not followed.

Cybersecurity is a Shared Responsibility

You must rely on your employees to protect the front lines!  Give them the knowledge to fight back and protect the company and their jobs!

Call Now for a Free Consult to Learn about Security Risk Assessments, Employee Training, and Managed Security Services!

859-899-8841 or info@integrityky.com

https://www.securitymagazine.com/articles/89287-who-in-an-organization-is-responsible-for-a-data-breach

https://blog.alertlogic.com/5-cybersecurity-statistics-every-small-business-should-know-in-2018/

https://www.cnbc.com/2018/06/21/the-biggest-cybersecurity-risk-to-us-businesses-is-employee-negligence-study-says.html

https://www.beckershospitalreview.com/cybersecurity/44-of-data-breaches-are-at-the-hands-of-vendors.html