The RE: View is a look back at recent headlines that caught our attention and that senior executives and board members should consider when assessing and managing cyber risk.
Report: 71% of SMBs Are Not Prepared for Cybersecurity Risks
According to a new Webroot report, the top business security concerns for IT leaders are malware, mobile attacks and phishing scams. Cyber incidents can be costly to small and medium-sized businesses (SMBs) both in term of information lost or stolen and in terms of company reputation. Charlie Tomeo, vice president of Webroot, discusses the threats SMBs face and offers tips for their security, including creating action plans, educating employees, remembering mobile risks, allocating security budgets appropriately, keeping software up to date and being conscious of ransomware threats.
Senators Advance Bill to Train Small Business Counselors in Cybersecurity
In early August, the Senate Small Business and Entrepreneurship Committee advanced legislation that would require cybersecurity training for counselors helping businesses deal with cyber threats. Sen. Jim Risch says that this package of legislation “will give small businesses a boost in areas where they need it.” The Hill reporter Morgan Chalfant outlines the legislation, the committee’s bipartisan work on it and their efforts in overseeing the U.S. Small Business Administration.
Ransomware Can Cost Firms Over $700,000; Cloud Computing May Provide the Protection They Need
According to recent research from Kaspersky Lab, a single ransomware incident can cost a company more than $713,000 on average, and ransomware is on the rise, with the recent ExPetya attack impacting more than 12,000 devices across more than 60 countries. Many organizations are unprepared to deal with cyber threats like ransomware, and security expert Philippe Very argues that cloud computing could help companies more than investing in their own cybersecurity. Reporter Luke Graham shares experts’ insight on the cost savings cloud solutions can provide, the different types of ransomware and recommendations for storing data.
Los Angeles Launches Cybersecurity Lab to Aid Local Businesses
The Los Angeles municipal government recently launched the Los Angeles Cyber Lab, a resource to “dole out the info and intelligence on which the local government relies each day to prevent intrusions into its own network.” The lab is a public-private partnership with Cisco and is overseen by an advisory board of tech company representatives. Reporter Zack Quaintance includes insights from Los Angeles chief information officer Ted Ross on how the lab is helping businesses of all sizes, how it develops resources and how Los Angeles is paving the way for other cities to share cyber threat data with the public.
Cybercriminals Are Targeting Small Businesses That Don’t Take Cybersecurity Seriously
Cybersecurity attacks on organizations are on the rise, and according to Tech Republic, one hack could cost a small business as much as $256,000. Entrepreneur guest writer Brian Hughes argues that many small businesses “mistakenly believe” they won’t be targets for cyber attacks because they are “too small or inconsequential to matter to attackers,” but says that these attacks just aren’t as prominent in the news due to their smaller scales. Hughes provides insights on key cyber threats ‒ like adware, spyware, ransomware, mobile device infections, credential threats and bring your own device security concerns ‒ and shares steps organizations can take to protect themselves against these threats.
The Cybersecurity Regulatory Crackdown
As high-profile attacks continue to permeate the news, more regulations are emerging that require organizations “to get their proverbial houses in order…hitting companies where it hurts, with steep penalties for those that don’t comply.” SailPoint executive Juliette Rizkallah attributes this growing prevalence of cybersecurity regulations to the preventable nature of attacks like WannaCry. In addition, she discusses how the GDPR regulation is leading to other regulations both nationwide and globally, the growing industry of cyber insurance and the need for organizations to implement effective technology and processes and invest in cybersecurity chief executives to lead their security posture.