Data breaches and identity theft have become relatively common issues among a variety of industries and within virtually every region of the world, while studies indicate that small and medium-sized businesses are among the poorest performers in this arena. As threats continue to proliferate with little refrain and new technology enters the average corporate infrastructure with breathtaking speed, enterprises must do more to protect themselves from the risks of the modern, IT-driven era.
Cloud computing was once among the most feared technologies because of security concerns and its sheer novelty, but now is stepping up as a potential buffer for corporate protection. In short, cloud services can be used to comprehensively overhaul and modernize IT frameworks, all the while maintaining centralized management of all activities regardless of what devices they originate from or which employees are using them.
As security concerns continue to peak, small business owners might be able to mitigate their companies' risks by partnering with a cloud service provider that knows exactly how to take care of compliance and security requirements on an everyday basis. This is an especially advantageous move for entrepreneurs who do not have large IT departments that are rich with expert staff members and a multitude of financial support.
However, regardless of what the small business owner decides to do with his or her IT infrastructure, the key is to become more proactive and focused upon security capabilities. Threats will continue to proliferate, and a new study revealed that the average organization is not only unprepared for an attack, but more likely to experience one because of poor planning and strategic oversight as well.
PricewaterhouseCoopers recently released its 2014 U.S. State of Cybercrime Survey that sought to identify and analyze trends taking shape in the private sector today. The report was created with the help of CSO Magazine, the U.S. Secret Service and the CERT Division of Carnegie Mellon University's Software Engineering Institute, while more than 500 business leaders, security experts and other individuals responded to the various questions contained therein.
The results were certainly not pretty. For one, PwC found that 77 percent of respondents had experienced at least one security incident in the past 12 months, while roughly one-third saw an uptick in the frequency of the events over that time period. Furthermore, 69 percent of leaders in the United States were concerned about the potential threats of cybersecurity problems to financial stability and growth prospects.
Researchers from each of the groups pointed out that companies are increasing budgetary allocations directed toward security, but are not commonly doing so in a productive and structured fashion. On top of the provisioning issue taking place in many companies, hackers are getting smarter and more capable of breaking into systems with the passing of each year.
"Despite substantial investments in cybersecurity technologies, cybercriminals continue to find ways to circumvent these technologies in order to obtain sensitive information that they can monetize," Special Agent in Charge of the U.S. Secret Service's Criminal Investigative Division Ed Lowery affirmed. "The increasing sophistication of cyber criminals and their ability to circumvent security technologies indicates the need for a radically different approach to cybersecurity: A balanced approach that, in addition to using effective cybersecurity technologies, develops the people, processes and effective partnerships in order to strategically counter cybersecurity threats."
Finally, the authors of the report noted that only 38 percent of respondents had developed and deployed a mechanism to more accurately and efficiently guide security provisioning programs, and that this number needs to be far higher to make a difference in the cybersecurity arena.
"The severity of cyber threats will continue to intensify as threat actors evolve and sharpen their skills and techniques. If history - and responses to this survey - are a guide, more organizations will fall victim to more costly cybercrime in the coming year," PwC's Steven Burg added. "Organizations that take a strategic approach to cybersecurity spending can build a more effective cybersecurity practice, one that advances the ability to detect and quickly respond to incidents that are inevitable."
Implications for IT management
Small business owners need to know when to ask for help in these matters, as the IT security landscape is a highly difficult one to navigate, especially when the entrepreneur has not been managing a business for a long period of time. Cloud computing vendors and managed service providers can help guide companies through the initial and long-term stages of IT management and security oversight to ensure stronger performances in these areas.
The cost of a data breach event can be crippling for a small business owner, whereas the price of effective security solutions and support will almost always be far lower.