FlexMagic Consulting was a small business tucked away in Centennial, Colorado. It had nine employees, more than 30 years of service and annual revenues reaching more than $2 million. It was an ideal mom-and-pop shop that should have provided services for years to come.
But that didn’t happen. FlexMagic was the victim of a cyberattack.
One so impactful, it had no choice but to close the lights. The cyberthief gained access to Flexible Spending Account cards, some carried limits as high as $5 million. The consulting firm was victimized, and the effect was deafening. When the creditors wanted paid, FlexMagic couldn’t pay the tab.
This anecdote should serve as a warning to small-business owners, who aren’t taking cybersecurity seriously. There are many excuses, and some are understandable. Protecting data is an addition to a fragile bottom line. Many must decide if the cost for information security outweighs the risk of standing pat.
Recent trends are proving it is more cost efficient to invest in securing your network. The odds of being breached are rising – 43 percent of attacks target small business – and the financial burden is too much for many companies to withstand. But there are reasonable options that could provide strong defense.
Common sense is most cost effective. It’s free and requires employees to think before they act. Slow down. Methodically search your email and avoid anything that seems suspicious. Don’t use a universal password, lock your computer station when you leave your desk and don’t download files that appear rogue. Follow these rules and you delivered a vital blow to lurking hackers.
But sometimes, common sense isn’t enough, and owners or CEOs are forced to scour their budgets, searching for revenue to fund what has become a necessity. They must decide how to pursue this endeavor, and how much they are willing to spend. Companies would be wise to schedule penetration tests to have themselves investigated. It provides an opportunity to amend flaws, improve their certainty and protect their infrastructure.
Apogee IT Services is an experienced managed services provider that can help lessen your vulnerabilities. Internal- and external-network scans and user-awareness training also could increase certainty in your protection.
Many leaders choose not to remediate findings for various reasons. Some aren’t repairable, and the cost to fix others might outweigh the benefit to the business. But that doesn’t lessen the value of investing in cybersecurity protection. An infinite army of hackers ceaselessly search for avenues on which to strike. No organization should choose a reactive approach. A proactive plan is the safest defense against a metastasizing swamp of degenerates.
No strategy will completely protect a business from becoming a victim. But no strategy likely will guarantee a breach and budget deficit that could be too much to withstand. Spend wisely, and rest easier, knowing you strengthened your company’s certainty.
And don’t become a statistic for the wrong reasons. Don’t become the next FlexMagic Consulting.
To discuss security strategy, email Security Analyst Frank Verdecchia at firstname.lastname@example.org.