In this episode of the SecurityANGLE, I’m joined by Jo Peterson, a fellow analyst, engineer, and member of the CUBE Community. Our guest today is Bob Carver, a well-known cybersecurity expert with deep expertise in cyber risk management, policy, threat intelligence, analytics, and more.
Our conversation revolved around SMBs and cyber risk management and how SMBs can up their respective games when working to mitigate risk, develop cybersecurity policies, and train their teams to embrace a security-focused culture.
Before we dive in, here are some cybersecurity stats our audience might be surprised by — and the reason we’re having a conversation about SMBs and cyber risk management:
- It’s estimated that 4,000 new cyberattacks occur daily, and every 14 seconds a company falls victim to a ransomware attack.
- Verizon reports that 80% of data breaches are linked to passwords.
- One of the biggest factors involved in cyberattacks on SMBs is compromised passwords. The cost of each attack is estimated to be around $384,598.
- According to research from the Ponemon Institute, 55% of respondents in a survey on password practices say their companies don’t have or aren’t committed to a policy on passwords and biometrics.
- Bitwarden reports that 53% of IT pros use email to share passwords with colleagues, and an alarming 44% of employees say they use the same login credentials across both personal and work-related accounts.
- Pet names, spouse/partner names, and children’s names are incredibly common passwords, and a frightening 60% of US adults use birthdays or names in their passwords (which makes social engineering by threat actors all that much easier).
- LastPass reports that although 92% of people say they know that using a variation of the same password is a risk, 65% always or mostly use the same password or a variation of it.
- Figures also show how organizations of varying sizes are affected differently by cyberattacks — those with fewer than 500 employees saw a 13.4% increase in average losses resulting from data breaches.
- Companies with 500 to 1,000 employees saw an increase in average losses of 21.4%, while those with 1,001 to 5,000 employees also saw a rise of close to 20%.
- Regardless of business size, 57% of organizations reported increasing the prices of their products and/or services as a result of the data breach, showing that consumers often absorb the cost of cyberattacks.
Watch the full episode — SMBs and Cyber Risk Management: How to Up the Cyber Protection Game
Our discussion with Bob explored:
- Cybersecurity risk management: what it is and why it’s so important.
- What a cyber risk score is, why it matters, and how it can be calculated.
- Insights from Bob on ways a small business can improve its cyber risk score.
- How a product strategy (MFA, encryption, EDR, etc.) disguised as a security strategy can often fail to meet the needs of a business and leave it exposed to avoidable cyber risk.
- The key elements any SMB cyber risk strategy should include.
Find and follow us on social here:
Shelly Kramer on LinkedIn | Twitter/X
Jo Peterson on LinkedIn | Twitter/X
Bob Carver on LinkedIn | Twitter/X