Did you know that October is National Cybersecurity Awareness Month (NCSAM)? Well, you do now. Also, according to the Department of Homeland Security (DHS), October 2018 marks National Cybersecurity Awareness Month’s “15th year as an annual initiative to raise awareness about the importance of cybersecurity.”
This makes October the month for everyone to work on their cybersecurity awareness so they can keep their networks safe from the seemingly endless cyber threats they face. Why is maintaining cybersecurity awareness important, and how can you manage the various cyber threats that your business faces?
In most organizations, there are a few technology resources that need to be protected—either from being stolen or from being rendered inoperable. Ricardo, our Director of Sales, likes to call these resources the “Crown Jewels” for that company. A company’s crown jewels are resources so precious, sensitive, or vital to their day-to-day operations that, if something were to happen to them, the company would face severe consequences.
The thing about any organization that lacks cybersecurity awareness is this: they can end up putting their crown jewels right out in the open where anyone can take them without ever realizing it. It would be like the U.S. Mint putting their printing plates on an open-bedded truck with no security, or the Tower of London leaving the Crown Jewels of the United Kingdom loose on a random counter of the gift shop, 24/7.
Businesses that fail to maintain strong cybersecurity awareness are at an increased risk of suffering a major data breach without ever even realizing it. According to information cited in the 2018 Cost of a Data Breach Study by IBM and the Ponemon Institute, “the average cost of a data breach globally is $3.86 million.”
Ask yourself this: How would a sudden expenditure of nearly $4 million impact your business’ cash flow? How about the impacts to your business’ operations that would occur if you lost access to the “crown jewels” you needed to complete your day-to-day work?
Even for a business that could treat a few million dollars as a drop in the bucket, cybersecurity awareness is a must—because larger companies tend to have larger and more numerous cyber risks—meaning bigger breaches that cost more to deal with. In fact, the so-called “mega breaches” (breaches where 1 million to 50 million records are compromised) cited in the Ponemon study “cost companies between $40 million and $350 million respectively.”
Most businesses are subject to one or more major regulations that require strong cybersecurity measures to be in place—such as the Health Information Portability and Accountability Act (HIPAA), the Payment Card Industry Data Security Standard (PCI DSS), or the Gramm-Leach-Bliley Act (GLBA). Failure to meet the standards of applicable industry regulations can lead to fines and negative PR that make it harder to conduct business.
In many cases, companies should seek to exceed the requirements of industry regulations so they can better protect themselves, their customers, and their public reputation. A corporate culture that promotes cybersecurity awareness is one that is more likely to meet or exceed regulatory compliance requirements.
Do you know what can only be given, and never taken? It’s a commodity that every business needs to thrive—because if you don’t have it, nobody will do business with you. This precious resource is trust—and it has to be earned through constant effort and vigilance.
A loss of trust can be difficult to quantify—but the fiscal impact is very real. For a real-world example, consider the Target Data Breach of 2013. After that breach, Forbes reported that Target’s “profit fell nearly 50% in its fourth fiscal quarter of 2013 and declined by more than a third for all of 2013.” Basically, business dried up severely during the crucial holiday shopping season because of the data breach and how it impacted the public’s trust in the company.
By promoting cybersecurity awareness in your organization, you can help ensure that your company has stronger security overall—helping to prevent the kinds of data breaches that cost you the public’s trust (and the loss of business that results).
To summarize, you should care about cybersecurity awareness because:
So, how can you improve cybersecurity awareness in your organization? Well, we’ll be putting up a whole host of cybersecurity awareness tips and articles throughout the month of October to help you out, so be sure to subscribe to our blog to catch each new article as it comes out!
In the meantime, contact us to learn more about how you can promote cybersecurity awareness in your organization!