Business owners shoulder a significant portion of the responsibility of cyber security, but some components fall outside of the realm of management and into the world of IT. It’s time to give IT the resources, support and guidance to move your company towards strong cyber security.
If you’ve worked for an enterprise organisation, you know they take cyber security seriously. They might have a team of 50 or more dedicated to managing operations. Many even have a Chief Information Security Officer (CISO) to lead the overall strategy. One-quarter of enterprises spend at least 10 percent of their total IT budgets on cyber security initiatives.
A recent report found that the majority of small businesses have invested in antivirus software and firewall protection (81 and 76 percent, respectively), but less than half (47 percent) focused on employee education, and 20 percent or less took steps to provide ongoing monitoring of cyber security intelligence or threat assessments. In fact, 11 percent said that they had no security measures in place at all.
Providing the necessary resources
It’s essential that you give your IT team – whether that’s only one or two people, a large team or an external IT provider – the authority, flexibility and resources to protect your company with a strong program of comprehensive, ongoing cyber security.
Is this a lot to ask of an IT team? It is – especially when it comes on top of all of the traditional IT concerns, such as managing your company’s equipment, infrastructure and technology stack. It’s no surprise that a lot of this work doesn’t receive enough attention in small businesses when it’s difficult enough just to keep everything up and running, and they often lack the resources to dedicate time and budget to cyber security.
IT shouldn’t be asked to do more with less; give them the resources, support and guidance needed to move your company in the right direction with its cyber security initiative. That doesn’t mean IT needs to shift the focus away from their current jobs – it means enabling IT to leverage tools and solutions to complement their team and existing programs.