As the digital economy grows, more organizations adopt digital transformation, and technology becomes the primary business driver, cyber crime grows with it. Soaring numbers of online and mobile interactions are creating millions of attack opportunities. Many lead to cybersecurity incidents that threaten the livelihood of both people and businesses. At the current rate of growth, damage from cyberattacks will amount to about $10.5 trillion annually by 2025—a 300 percent increase from 2015 levels, according to the 2022 Cybersecurity Almanac.
Organizations around the world spent about $150 billion on cybersecurity in 2021. However, threat volumes to continue to increase, and the bottom line is that more spending on cybersecurity is going to be needed to help reduce the risk to businesses and organizations.
One scary trend – a recent survey revealed that more than 40% of observed malware had never been seen previously. Another trend – cyber criminals are focusing more on SMBs and mid-market companies. These trends points to a significant evolution in cyber crime, in which current cybersecurity tools and services are insufficient to handle the threats.
So, if you run a small to medium business or organzation, the action item for you is to get involved in cybersecurity. Don’t just leave it to IT; you could leave your business at an extremely high risk.
How to get started
- Step 1 Be the Leader that Embraces Cybersecurity – Educate yourself on the risks, make investments in cybersecurity, buy cyber insurance, lead by example, and give IT a seat at the Executive Table.
- Step 2 Verify Basic Cybersecurity Tools are in Place – Check with IT team or Managed IT Provider and verify these things are in place and there are verifiable reports: Windows Patching, Centrally Managed Antivirus or End Point Protection, only corporated owned devices, Security Awareness Training, next generation firewalls, Microsoft 365 subscriptions, Disk Encryption for laptops, IT Asset Tracking, Multi-Factor Authentication deployed, and Off-Site Disaster Recovery
- Step 3 Make sure you have an Incident Response Plan – Your cyber insurance carrier should be able to provide a template for a basic plan. Make sure to test your Incident Response Plan annually using a table top exercise, and then adjust as necessary.
If you’d like to see more information on what every CEO should know about Cybersecurity, check out our recent presentation on the topic.