Did you know there are minimum effort benchmarks for cybersecurity practices? It’s true! There are several organizations that have created best practice lists when it comes to cybersecurity and published them at no cost to you, the business owner. Here’s a quick list to get you started: CIS Top 18, NIST 2.0, and CMMC. Don’t let those names scare you off; they’re actually your friends!
Now, let’s be honest. It’s easy to discount what you should do in light of what you’ve done. Meaning, if you’ve done zero/little to secure your business’s technology and have managed to not have a security incident, it’s easy to think that type of passivity will benefit you in the future. After all, who wants to pay all that money for securing your technology? It seems like a waste when you could be spending those dollars on marketing or revenue generation. I get it. I really do.
But here’s the Big Idea: What has worked in the past will more than likely not work in the future.
The biggest economic disrupter in human history, AI, is underway. We’re in the beginning stages of seeing the ramifications of AI in cybersecurity (increased attacks, better ways to trick people, etc.) and so far, the rate of change and escalation of sophistication of attacks is… well, frankly, it’s terrifying me.
Prior to AI, 40-60 year olds were still falling prey to phishing attacks with communications from hackers that included misspellings, illogical time-based deadlines, and outright fantastic tales of sudden inheritance. The impacted businesses would chuckle about it, maybe warn a few folks, and move on. I remember hearing stories from my own family – a neighbor getting a fake email about a lottery win, filled with glaring errors.
Now, with AI, the sophistication of hackers has bumped up to 11. And a large majority of Boomers and Gen Xers are falling victim. These aren’t your grandma’s poorly-written scams anymore. AI can now generate emails that are perfectly tailored to individuals, using publicly available information to create a sense of urgency and trust. Think about it: an email seemingly from your bank, flawlessly written, referencing a recent transaction, urging you to “verify” your information with a link… it’s tough to spot.
More than likely, your business is currently employing Gen X’ers because they are honest, hardworking, take people at their word – and they’re prime targets. If you don’t take steps now to protect your business and your employees with cybersecurity best practices, you are staring down the barrel of an impending security incident. And let me tell you, a security incident can be devastating. It’s not just about lost data; it’s about lost trust, lost productivity, and potentially, lost revenue.
So, What Can You Do?
Don’t panic! You don’t have to become a cybersecurity expert overnight. Start with the basics. I would recommend taking a look at the CIS Top 18 controls. They’re built specifically for small businesses and provide a prioritized list of actions you can take to improve your security posture. Think of it as a checklist for your business’s digital safety. You can find them online – just Google “CIS Top 18.”
Beyond the Checklist: Proactive Protection
Look, I get it. You’ve got a business to run. You’re busy. Spending hours wrestling with firewalls and security settings isn’t how you want to spend your time. That’s where a partner can help.
If you would like to partner with a technology company that will not only do this work for you, but also squash the day-to-day grind of tech support problems your employees are currently having, schedule a no-cost 60-minute “right fit” meeting with me (link below). We’re not just about selling you technology services; we’re about understanding your business and providing solutions that make your life easier, your business more secure, and ultimately assist in generating you more revenue. Let’s talk about what a secure and streamlined business looks like for you.
-Cole
