Periodically, you will see me give a nod to someone else’s blog post. October is cybersecurity awareness month, so today BASICS is featuring a blog, “ISO 9001 A Key to Cybersecurity? (Part 1)”, posted by the Michigan Manufacturing Technology Center (MMTC), written by Andy Nichols (10/9/20).
Not a day goes by without our news feeds sharing details of yet another cybersecurity breach. It seems large businesses tend to be the main victims, with Target, Equifax, Marriott and even the UK’s National Health System patient data recently being affected by cyberattacks. However, we rarely learn about the impact of information security attacks made on small to medium-sized businesses, partly because they aren’t given as much prominence in the media. Yet, attacks against these smaller companies can and do happen, often with disastrous consequences.
In fact, FEMA concluded that between 40 and 60% of small businesses fail within a year of any type of disaster – including cyberattacks – unless some type of continuity/resiliency plan is put in place. These business failures result not only from the cost of paying a ransom, but also from the “hidden” costs associated with losing access to information regarding sales pipelines, accounts payable/receivable, and intellectual property. A simple “hack” could even change an organization’s bank account details and divert customer payments somewhere else.
So, what is needed to protect small and medium-sized businesses from such an attack? How can an organization become “cyber-resilient”?