What are the costs and benefits of developing cybersecurity programs in business?
I believe cost can be measured in a couple different ways. Cost could apply to the actual cost of implementing cybersecurity measures or the cost of an attack, whether that be financial loss or customer loss. These costs must be weighed against the benefits of paying into and having a sound cybersecurity plan. Cyberattacks not only cost in the short term but will have long term costs associated, which can be more damaging. According to Dr. Jane LeClair “Fifty percent of SMB’s have been the victims of cyber-attacks and over 60 percent of those attacked go out of business” (NSF, n.d.). These numbers are quite astounding. Imagine if these numbers applied to physical break-ins. Small businesses would take these threats very seriously and ensure their doors were locked and businesses were protected by some type of alarm system. Unfortunately, cyber-attacks can be more difficult to imagine and sometimes go unnoticed, but the consequences can be as devastating. To get small businesses on the right track, owners and operators must be educated on the vulnerability, threat, and risk spectrum. This is the starting point for any small business because without understanding the concepts and possible outcomes, owners will not understand that the benefits of any cybersecurity program outweigh the potential losses. Cybersecurity for small businesses does not have to be as extensive or expensive as it can be for large corporations. Business owners can see this by analyzing their vulnerabilities, threats and understanding their risks. Small businesses rely on their customers and ensuring protection to those customers ensures sound business and continued customers. If a company cannot protect their customers’ data, they will lose trust and go under. The NISTIR 7621 gives an excellent breakdown for small business owners to understand this spectrum and to assess how much security is required for their type of business. This enables these owners to ask questions about what information they have, what would happen if it were stolen, and how to best protect it. The NISTIR gives basic spreadsheets to help determine risk and help develop easy solutions for each risk identified. These spreadsheets and questions are the starting point for any business when dealing with cybersecurity. They enable a tailored foundation that provides benefits while reducing monetary cost.
The Impact of Cybersecurity on Small Business. (n.d.). NSF.
Toth, P., & Paulsen, C. (2016). Small Business Information Security: The Fundamentals. NIST.
How can you tell if your computer is safe?
Computer safety should be as important as physical home safety. As more personal data is saved on computers and networks, people must understand the damage that can be done if an unwanted person accesses that data. Users can verify their computers are safe through the application of different hardware and software. The application of basic cybersecurity safety such as strong passwords, frequent updates, and basic security settings are also a must. Software such as firewalls, or anti-virus programs are a great start to securing computers. More than one program can be used to ensure any holes in one application are plugged by the next program. Firewalls also come in hardware which can be used to protect the computer in addition to software. Strong passwords and the most secure privacy setting assist in reducing vulnerabilities. In addition to all the hard and software applications, nothing beats good computer hygiene. Visiting unfamiliar sites, clicking on pop-up, opening unknown emails, and not updating the computer frequently will leave many vulnerabilities and put the computer and its data at risk. Unfortunately, all these methods are only ways to reduce vulnerabilities from threats and can never fully secure a computer.