With the latest media attention on cyber security incidents and data breaches, I hope you agree with me when I say that we are past discussing the importance of data protection and cyber security. If you still think cyber security is not relevant for start-ups and SMBs, come back next week and let me convince you that it truly matters.
Picture this: a pig, covered in fluffy fur, that lays eggs and gives milk. In German, this is called “eierlegende Wollmilchsau” which is vaguely translated to “Jack of all trades” in English. Unfortunately, I have seen this being advertised in the cyber security sector as well.
If you have ever looked into securing your company against cyber threats, you must have come across one of the many cyber security products or services that offer magical solutions against cyber threats.
Let me tell you why you won’t need (most of) them:
1. We’ll all get hacked (or suffer a data breach)
Sooner or later
We will all suffer a data breach one day. Whether it is a multinational corporation or you as an individual, let’s be honest and admit the chances of loosing data are incredibly high. How often do emails get send to the wrong recipient or contain the wrong information? Or how often do you use the same password for several different accounts?
In most cases, companies or individuals don’t even know that they have been part of an incident. Having said that, if you are willing to invest in Cyber Security for your business don’t purchase any tools or software that will guarantee to secure you against the next generation of cyber attacks.
These overall, magical solutions that protect you from malicious attackers, just don’t work in real life and if you look carefully, you will understand that “next generation (fill in the gap)“ does not make any sense. What are the next generation cyber threats?
What you can do is ask yourself “What would happen if I get hacked?”, think about the risks (i.e. “risk assessment”) and start with basic cybersecurity hygiene such as Cyber Essentials, for instance.
2. Most of the Cyber Security solutions are built for large organisations
With InfoSec London coming up in a few weeks, I am excited to see what new “next-generations (fill in the gap)” are out there and I am quite confident that there are still not many efficient solutions for the SMB market. Last year, I was on a hunt for a phishing software that we can use at CyberSmart. Guess how many I found for small teams? ZERO.The smallest offer I have received was for a minimum of 100 monthly users. Unfortunately, that is the same for intrusion detection, risk assessment tools and more.
That it is not acceptable! There are so many solutions available on the market already, and hardly anyone meets the needs of SMBs.
Side note: If you are a building cyber security solutions and you have a great product that can benefit start-ups and small businesses (and is reasonably priced) contact us!
3. Technology will not save us
We need people and policies as well
We often hear that humans are the biggest threat to cyber security, but we believe that humans are also the biggest opportunity. It is true that we are not as reliable as AWS but without humans, Information Security doesn’t work. Even if you have the best anti-malware, intrusion detection and threat analysis software, you will still suffer if your CFO becomes a victim of a spear phishing attack and transfers money to an unknown recipient.
We hear stories like this every day, and we hate to see companies losing money or even losing their business because of one stupid mistake. Talk about cyber security with your team and become “Secure by Culture”. If everyone in your company understands the risks and the responsibility they have towards data protection or cyber security in general, incidents can be avoided and a lot of headache, time and money can be saved. Don’t forget to think about policies and procedures that provide an anchor for your team!
Protecting your data and organisation is hard work — let us help you make it easier.