Why You Should Treat Your Business Cybersecurity Strategy Like Your Spouse’s ‘Honey-Do’ List
And why a Security Operations Center (SOC) may be your most critical ‘to-do’ of all
By Neal Williams, Director of Sales, cStor
Sometimes I complain to my guy friends about my wife’s ‘honey-do’ list… you know the one: “Honey, can you take out the trash?” “Honey, can you get the kids from practice?” “Honey, can you remember to call the landscaper?” And when you miss something on the list, it whispers to you in the darkness of night… “honey…. honey… get it done…”
Truth be told, my wife is amazing! She keeps me on track and we work like a well-oiled machine most days. That’s a beautiful thing. The other truth is, I actually like feeling needed and helpful to my family, it fuels my happy-man-emotions (if there is such a thing 😉).
In the business world, my wife’s ‘honey-do’ list equates to all of those checkboxes a business needs to run smoothly… err…. thrive… in today’s unprecedented technology environment, despite what’s happening in the world. From the big items like customer service systems, cloud and networks, to the more mundane and routine to-do’s of data management, storage/backup and mobility management… the list goes on.
On the cybersecurity to-do list item, far too often I see small- and mid-sized business leaders take some safety measures, but for the most part think that a crippling, or even catastrophic, cyberattack simply won’t happen to them. They believe that because of their size, they aren’t even a target and that only the bigger companies with the deeper pockets are in the hackers’ line of sight.
The even bigger issue is the lack of resources those leaders have concerning cybersecurity expertise, either in-house or from third party providers. They are indeed in high demand these days, and there’s also a common misconception that such resources are just too costly for them. More on this later.
According to a recent Varonis report on “134 Cybersecurity Statistics and Trends for 2021,” the ongoing remote workforce environment will continue to be a target for cybercriminals, which is expected to lead to more cloud breaches overall. The report also concurs that a cybersecurity skills gap will continue to be an issue in 2021. It states that 95% of all breaches are caused by human error, and worse still, the FBI reported that cyberattacks were up 300% since the pandemic began. YIKES!
When you consider all of this, and that the average employee also has access to 11 million files, you really should probably start worrying about what’s NOT on your cybersecurity ‘honey-do’ list.
Ok, now back to my original line of thinking. As a small- or mid-sized business leader, you may be saying, “Hey, this all doesn’t really apply to me, so what?” Many organizations have a rudimentary cybersecurity plan in place and just enough employee education to feel well enough protected.
I’d end this blog here if I honestly thought that was true. But given the continued increase in cyberattacks, including on small- and mid-sized businesses, and the fact that the U.S. has the highest data breach costs in the world, I’d argue that these organizations are missing the forest through the trees.
Cybercriminals are Inherently Opportunists
If you believe cybercriminals only target the ‘big fish,’ I would encourage you to rethink this incorrect fact. The good news is you can change it. Cybercriminals run automation programs that work around the clock scanning for vulnerabilities anywhere they can find them. They aren’t terribly discerning in the hunt. It’s a business, just like your business.
You Can Deploy Affordable Defenses in Your Control
Step one is to check the boxes on the cybersecurity to-do’s that are affordable and completely in your control. Although they are opportunists, they don’t want (or frankly need) to work that hard at it. They are looking for the easy take, en masse. My colleague, Jared Hrabak, here at cStor wrote a great blog on some basic personal and corporate cybersecurity tips that are usually enough to just send the hackers elsewhere, so I encourage you to check that out soon.
Yes, You Likely Can Afford to Engage a Security Operations Center (SOC)
Ok, so quick recap. Cybercrime is still increasing and will likely continue, meaning small- and mid-sized businesses are also at increased risk. Cybersecurity expertise is in high demand with limited resources. Sounds ugly, huh? Well, more good news: the advent of the Security Operations Center (or SOC), is to the rescue. Here’s a clear and concise definition from CIO Magazine:
“A Security Operations Center (sometimes called an Information Security Operations Center) is exactly what its name suggests – a team of technical experts in a facility dedicated to the organization’s cybersecurity. Its job is to work around the clock to minimize risks, stay up-to-date on threats and risks, and respond to attacks on computers and networks. It’s essentially the IT equivalent of a building security center, the difference being that the team is in front of computers, not CCTV.”
One, if not the, most important asset to any business is its data. Protecting your data should be priority number one, but that takes a multitude of ‘to-do’s’ on your cybersecurity checklist, and the kind of expertise to do it efficiently and affordably. A SOC offers the kind of technology and cyber expertise without the hassle – and potentially larger budget – needed to build an in-house team.
Fortunately, the evolution of the SOC function is finally benefiting small- and mid-sized businesses, as they’ve been able to mature enough to manage cybersecurity effectively and cost-affordably for nearly any business size. Engaging a SOC for your business means you don’t have to keep up with the latest cyber-defense technologies, skills and weapons in your arsenal. They do it for you, while you get to focus on the business of running your business.
Oh, and checking off the rest of your ‘business honey-do’ list. 😉
I’d love to get your take on this topic, and if you’ve had past experiences, good or bad, with SOCs. And as always, if you need some expert guidance on how a SOC can work for your business, drop us a line, we’re here to help.