Cybersecurity ended up in the eye of the storm late last year when the SEC charged SolarWinds and its CISO with fraud. It is a shot across the bow for public companies to get serious about their cybersecurity. For private sector companies, the government wants them to let everyone know when they experience a cyber attack.
Governments worldwide, from China to the UK, are taking a hard look at cybersecurity and data privacy and enacting national policies. The UK and EU legislated minimum requirements for networked products, and the US expanded reporting requirements for critical infrastructure industries.
How does a small business navigate these dangerous waters? As we know, regulation doesn’t always help the situation. Free resources are available at Stopransomware.gov.
It’s essential to develop a security mindset for your business that includes everyone. Your IT department has enough to handle as it is. All employees, including management, need to think about security regularly.
Make it easy for everyone to adhere to security protocols and not see it as a nuisance. Don’t overcomplicate things with constant password changes or complex password requirements. Use an MFA that works for everyone, regardless of location.
Have a Security Program Manager who oversees the security protocols and their use and reports to management regularly. Your business should have an IRP or incident response plan that’s updated quarterly.
Ensure all your employees are signed up, no matter which MFA you use. All your system administrators should use an MFA. Cybercriminals drool over the richness of those accounts.
Patch your software constantly and use auto-updates where possible. The CISA puts out a list of vulnerabilities to keep you up to date. Cloud use is more secure, especially if you lack staff to keep on-premise data safe.
Author: Kris Keppeler is a writer who finds technology fascinating and loves humor. She writes on Medium.com, and for Women of Wisdom. An award-winning podcast producer who enjoys telling funny stories. Follow her on X (formerly Twitter) @KrisNarrates or on LinkedIn.
Small Business Solutions 