Nowadays, it seems no company is safe from a potential cybersecurity attack. The concept of a cybersecurity team makes sense for large corporations, but what about small businesses? There are some misconceptions, but in fact, small businesses should have a cybersecurity team in place as well—whether it’s a full-time employee or a contracted company.
According to a study conducted by Symantec, a software company based in California, in 2015 small businesses with fewer than 250 employees were the largest percentage of companies hit in targeted cyber-attacks. “The last five years have shown a steady increase in attacks targeting businesses with less than 250 employees,” the report states. The study concluded that a small business is much more at risk from a cyberattack and should invest in help before it is needed.
To better understand cybersecurity and the IT industry, Western Governors University (WGU) partnered with online professional network, LinkedIn, to research various elements of the cybersecurity job market and workforce. The full survey can be found at: wgu.edu/linkedin-cybersecurity-study.html.
Not only are more businesses hiring data security employees, but they need these employees for the long-haul. “Securing your business is not a one-and-done investment, and more companies are beginning to realize this,” said Greg Larsen, director of IT Services at Dash2 and a graduate of WGU’s MBA program, in a guide created by WGU. “Hackers know that many companies don’t do the foundational-level work, so they automate these attacks to target small to midsized businesses.”
The results in this WGU study showed that in 2017 alone, job listings for cybersecurity grew 58 percent on LinkedIn. The demand for cybersecurity professionals has reached critical levels, and employers need a skilled workforce to fill these open positions and create plans of action.
Hiring an employee or a team is not the end of the cyberattack strategy. A company should create a plan that includes policies and defense. The plan should include various aspects, such as the measures a business will handle to make sure that customers, employees, and networks are safe from possible cyber issues. A plan can also outline details of each step employees must tackle daily to protect client and company information.
Ideally, a cybersecurity employee or team will be able to lead the company through an attack using the steps already in place. Having a plan of action is key and is reliant on a company’s dedication to protection. Not only is a company’s reputation at risk in an online threat, but there can be a large financial burden as well. Consider this, if an attack occurs and a business must place work on hold, then customers’ orders cannot be processed, new hardware and software may need to be purchased, and some companies may be responsible for hiring credit monitoring companies for possible victims. These costs add up and can drastically affect the financial future of a company, especially a small company reliant on day-to-day business. A cybersecurity plan can help prevent such attacks or mitigate the problems if an attack occurs.
Put simply, cybersecurity is an important industry and an area that will continue growing in the future. Businesses should include IT as a vital part of their business as much as accounting and human resources. Putting in the effort of hiring a skilled candidate or choosing a top-performing cybersecurity organization will pay off in the long run and do more to protect the business, large or small, from catastrophe.
Spencer Stewart is chancellor of WGU Nevada.