Cybersecurity Threats Becoming Very Real for Small Businesses
Did you watch the new show “Mr. Robot” on USA Network last night? If you were skittish about cybersecurity and identity protection before, you might never want to leave the house again. A recent Duke University/CFO Magazine survey further illustrates the point of paranoia – more than 80 percent of U.S. companies report their systems have been successfully hacked in an attempt to steal, change, or make public important data.
Let’s repeat that – 80 percent.
Think only the big dogs like Target and Home Depot are being…targeted (pardon the pun)? The number is worse with small businesses with fewer than 1,000 employees, in which the number jumps to 85 percent. According to John Graham, survey director and Duke University professor, “The situation may be even worse than reported because many firms may not even realize that they have been hacked.”
Graham explains the success rate of hacking smaller firms is a result of fewer resources dedicated to information security. At the recent Infosecurity Europe 2015 conference, Information Security professionals discussed current and potential future threats. According to Chris Richter, Senior Vice President of Managed Security Services at Level 3 Communications, 1,800 new distinct families of viruses have been detected in the past year, and 40 percent of the top 10 data breaches were due to lapses in non-technical controls, which includes mistakes and lapse of governance.
In a recent report by the International Information System Security Certification Consortium, out of 14,000 global organizations surveyed online in 2014, 62% said their organizations have too few information security professionals, compared to 56% in the 2013 survey. The study revealed that while more organizations are making budgets available to hire more personnel, the global hiring shortfall will reach 1.5 million in five years due to an insufficient pool of qualified candidates.
Carolina Career College of Raleigh-Durham-Chapel Hill offers a full suite of Information Security certification training for businesses and individuals as part of the Career Development program.