Last year, as in years prior, was a year full of cyber-attacks. But what was interesting was the trend of small and medium businesses being targeted more often. Generally, those types of businesses have either rested in the false impression that they’re not a big enough target or didn’t have plentiful valuable information hackers are seeking. The reality is the opposite and the stakes couldn’t be higher.
You’ve probably heard the phrase, “small businesses are the lifeblood of our economy.” A powerful word like lifeblood is defined as an indispensable factor that gives something its strength and vitality. That is to say, they are critical to the health of our national economy and prosperity. And as we’ve all seen on TV, in order to protect our own physical health, it’s important to “know your numbers” as the ad says.
Well, this should hold true for small businesses. We’re not talking about physical health, but something just as important, cyber health. But how many businesses are currently measuring their cyber health numbers? A better question to ask is how do you even do it? And what can you do with it? Is there a standard out there that’s recognized by industry peers and cyber insurers alike?
AT&T, a leader in world-class security solutions, has pondered these same questions and has come up with a solution to answer some of them. Cybersecurity Rating from AT&T, is exactly what the doctor ordered. This new solution, powered by BitSight, will equip small business owners with actionable data that can help protect data and assets, but also help you maintain a pulse on your own cyber health. And it’s perfect for business owners who don’t have large IT staffs, or who lack some of the technical expertise necessary to stay ahead of today’s evolving cyber-threat landscape.
Cybersecurity Rating helps an organization maintain an effective security posture by providing valuable insight into vulnerabilities with data collected by BitSight over the last seven years. Cybersecurity Rating is non-intrusive and does not disrupt your network. Results are grouped into the following categories of risk vectors: compromised systems, diligence, user behavior, and data breaches. It helps a business owner answer the question of just how protected it is against cyber risk.
So, with these numbers in hand, as a business owner, you now have the ability to make data-driven, informed decisions about cyber risk mitigation, or cyber risk transfer through a cyber insurance policy. The cyber insurance market is rapidly expanding, especially in the small and medium business space, because it’s a relatively new concept, but also referring to the earlier point about perceived permeability. Cyber rating products like Cybersecurity Rating will become even more important as cyber insurers gather more cyber risk actuary data and develop more effective policies that address the unique threat landscape faced by small and medium businesses.
More cybersecurity help is on the horizon to help navigate these menacing cyber-attack waters. Proposed legislation like HR 1648, cyber-awareness training for employees, and comprehensive risk management products like Cybersecurity Rating can help to facilitate a deeper conversation about uncomfortable topics like cybersecurity, risk of data breaches, and cyber insurance.
It’s akin to going to the doctor’s office after the holidays, but since you have all of your data and you know your numbers, you’re really just seeking a recommendation for a good gym. It should be easy to find one that’s not crowded now since the January rush is over!