As I write this, we have just wrapped up October with David Stelzl. This world-renowned cybersecurity expert joined us here in Richmond to teach small-business owners what’s going on in today’s cyber landscape. He talked about the risks businesses need to worry about, what happens to businesses who ignore these threats, and what business owners in Richmond needed to do to protect their company.
After the presentation and the great dinner provided by The Boathouse, almost everyone in attendance signed up for the assessment we offered. This was awesome because it showed that a room full of business owners finally realized why they need to care about cybersecurity.
Watch the video below to see what local business owners thought of the event...
Who Cares About Cybersecurity?
One thing I found really shocking as I planned the latest event is how many business owners really don’t understand what cybersecurity even is. When I told some people I had an event coming up, they were interested to go until they heard it was about cybersecurity. Then they shrugged and said, “Why would I need to go? My IT guy handles all that.”
I think it’s the word “cyber” that leads people astray. They lump anything cyber in with firewalls and antiviruses, the things your IT team really does handle. But cybersecurity is less about technology and more about balancing risk. Cybersecurity is the strategies you use to prevent hackers from breaching bank accounts, stealing company data, or holding your business hostage. It’s also about getting your business running again so you don’t lose money after an attack. Does that sound like something business owners should care about?
A Business Decision
A lot of calls I get are from companies that have already suffered a ransomware attack — or two. They know something needs to change and I come in to conduct a risk assessment. Usually, this goes pretty well. I take a look at their systems and help identify weak spots they didn’t know they had. But there have been occasions when I was met with some resistance from the IT department during an assessment.
I understand why an IT department might be worried about their boss calling in some outside company to take a look at their systems. But I’m not there to make sure IT is doing their job; I’m there to help the business owner make better decisions.
It would be like if I hired a company to perform a financial audit for us and the person in charge of our company finances refused to let the auditor look at the books. Not that Kelsey would ever do such a thing, but if she came to me and said, “I’m not comfortable with this company looking at our books,” I would have to say that it’s not her call to make. Risk assessments aren’t in IT review; they’re a business issue.
The Way of the Dinosaur
Audits and assessments like what we offer our clients aren’t critiques of their company or their IT department. It’s a second pair of eyes looking for problems you may not realize are there. Here’s the worst-case scenario: We find a huge weak spot in your company and teach you how to fix it before criminals can use that weak spot to ruin you. If w