If I were a betting man – and sometimes I am – the data released by The Hartford Midsize Business Monitor about the role of technology in midsize companies points towards a growing risk that is not just the exclusive pain of the ‘big guys.’ Eighty-two percent of midsize companies consider data breaches at least as a minor risk to their companies, with 32% seeing it as a major risk. Although no trend analysis is shown in the results, I would suspect that these percentages are on the rise.
Here’s the really telling part, however – almost half of midsize companies (43%) have already experienced some type of data breach! These are not the household brand name companies that hackers seem likely to target to make the headlines. These are the companies that many of our members work at. Companies that won’t make the evening news, regardless of the damage that can be done by those data breaches. Information is a critical company asset, and these survey results indicate that the problem is reasonably large and probably growing among midsize businesses.
Smaller businesses will not be immune. Let me repeat that – smaller businesses will not be immune to data breaches and cyber risks.
If you work at a smaller business, you have an opportunity to get out ahead of the trend and take precautions with your company now. What kinds of precautions? Here are a few suggestions to start:
Please share your thoughts (in the comments section of this blog) on this topic and what you plan to do at your company about cyber security risk, particularly if you are at a small to medium size (SME) company.#strategy #IMA #data #BigData #breach #tech #cfo #SME #TechTalk #CMA #Cyber #cybersecurity #Csuite #HotTopic #IT #risk #datagovernance
- Design a sound data governance strategy/plan to make sure your information is accessible, credible, usable and safe.
- Design proper internal controls and continuous monitoring systems to help your organization monitor, manage and mitigate risks related to your information.
- Get additional training and education about current best practices to build and manage data governance policies.
- Obtain the technical skills training to enhance your knowledge around technologies and tools to help your organization effectively manage and protect its information from risk.
- Educate your board (if you have one) about material risks like cyber security and provide a mechanism for them to monitor such risks