Yesterday in the Financial Times was a report on the current issues surrounding Cyber Security. The report had many articles on current attacks to large enterprises and what we can can expect in 2011 (download the report here). One of the articles titled "Market chaos leaves small businesses as primary target", mentions an all too familiar issue with small to medium size businesses, the “accidental IT guy – or gal."
Small and medium size businesses sometimes have a person in charge of any IT issues that are put in that position because there is not a qualified person on staff or the duties just sorta of fall in their lap. Whatever the reason, the network then becomes vulnerable to cyber thiefs because they know the network may not be secure and an easy mark for an attack.
Due to the current fiscal crisis that a lot of small and businesses are growing through, IT security is usually put on the back burner. This usually leads to a vulnerable network, that a hacker may be able to attack and steal either data or financial information. Think about it, why would hackers try and go after a large enterprise with its security when it could go after a small or medium size business's unprotected network? If your business is collecting and type of data or financial information, your company is vulnerable. This is a growing problem and one that needs to be addressed if you want to protect your business.
What is the answer to this growing problem? Small and medium size business's need to have a trained IT security person on their staff or hire a security consultant to do a security audit for the whole company and a penetration test to ensure all vulnerabilities are addressed and countermeasures are in place.
In this day and age the worst thing a business can do is ignore a cyber threat because they think "It won't happen to our company." You never know it may have happened already and you just don't know it.
If you have any questions on small or medium size business IT security, please feel free to contact me.
- Tom Pruett, Cisco & Security Expert; MCT, CTT+, CISSP, CWNA, CEH, CHFI, CCSI, CCNA, MCSE LinkIn with Tom