National Cybersecurity Awareness Month: Pressure Increases for Companies to Comply - Readiness Expected by Customers, Regulators for Large and Small Businesses, But Often Difficult to Achieve
The number of cyberattacks continues to rise, with cybercriminals targeting everything from small retailers to international corporations. In response, for October’s National Cybersecurity Awareness Month, Matrix Integration, an IT solutions and managed service provider for more than 1,000 businesses in Indiana, Kentucky and beyond, is advising organizations of all types and sizes to have a cybersecurity plan in place and ready to execute at a moment’s notice. A recent survey revealed that worldwide, more than 86 percent of businesses were affected by a cyberattack in 2020, compared to 80 percent in 2019.
“It’s no longer a matter of ‘if’ a business will get attacked, it’s a matter of ‘when,’” said Reggie Gresham, vice president of enterprise sales for Matrix Integration. “Everyone is a target. Today, regulators, customers and business partners need assurance that every business has a readiness.” plan that protects their assets and minimizes downtime.”
Readiness takes work, and finding skilled cybersecurity professionals is more difficult. According to industry association ISSA, a worsening shortage of qualified cybersecurity professionals has negatively impacted more than half of businesses worldwide. Hiring an outside IT firm to take on the cybersecurity function is both an economic and practical solution that provides a measurable benefit.
“Any IT firm that partners with you on security should be able to handle all aspects of cybersecurity, from protecting your infrastructure to providing employee training,” said Gresham. “They should be able to help you meet industry regulations. They need to make sure employees can access the network while keeping bad actors out. And they need to provide you with backup and recovery solutions that meet your business’s specific needs.”
Pressure from All Sides: Regulators, Insurance, Customers
Because of the prevalence of cybercrime, businesses need a solid action plan along with specific hardware and software to comply with industry standards around keeping data secure. Most consumers are familiar with HIPPA (the Health Insurance Portability and Accountability Act of 1996), which protects private patient information. However, healthcare institutions need to ensure that their data security plans adhere to HIPPA’s guidelines. Similar security checklists exist for educational institutions, which need to comply with the regulations outlined in FERPA (Family Educational Rights and Privacy Act of 1974), and financial businesses, which must demonstrate compliance with GLBA (Gramm-Leach-Bliley Act of 1999).
Within industries, funding and business partnerships may rely on demonstrated security compliance with these regulations or other industry guidelines – for example, a manufacturer may not do business with a supplier that cannot clearly show how it addresses cyberattacks or how quickly it can get back up to speed if an attack occurs.
Cybersecurity insurance can help defray the costs of a cyberattack, such as lost revenues due to downtime, but insurers themselves are upping the requirements businesses must satisfy to provide insurance at all. In other words, if a company does not have specific cybersecurity tools and procedures in place, it has little chance of obtaining an insurance policy.
For more information on how businesses can protect themselves against cyberattacks today, please visit matrixintegration.com/security-solutions.
Share your news with us!
Submit your news to the Chamber by the 12th or 28th of each month to be included in the bi-weekly Membership Matters emails.