With the year almost over, now is a good time for a 2022 cybersecurity year in review! A lot has happened during this year and it is always good to reflect and try to find some lessons learned. We can then take those lessons and apply them to the upcoming new year and better protect our small businesses.
Nation states role in cybersecurity
One trend that was seen throughout the year in 2022 is nation state sponsored threats and attacks. Both Forbes and Secureworks discuss nation state threats. Now you may think, “I am a small business, why would another country even look at me?” Well, there are several reasons. Nation states will target you for financial gain, intellectual property theft, or for business/societal disruption. These nation states will employ cybercriminals or actual government employees to perform these attacks. In other cases, they may just turn a blind eye and not arrest or prosecute cybercriminals.
So with that said, cybercriminals typically do not discriminate when initiating their cyberattacks. Cyberattacks are typically automated processes that search the internet for open and vulnerable networks or are phishing campaigns.
Cyber Insurance on the rise
As cyberattacks continue to increase and the cost to remediate attacks also increases, the importance of cyber insurance has gone up. The cyber insurance industry has recognized this and has adjusted their premiums and in many instances instituted mandatory cybersecurity controls that must be adhered to in order to purchase coverage.
While it may sound weird to say, premium increases and mandatory cybersecurity controls is actually a good thing. Now, why is it a good thing? Higher premiums and mandatory controls will force your small business and every other organization who wants cyber insurance to implement measures to better protect themselves. This in turn increases cybersecurity across an economy and industry. This has the potential to reduce the amount of successful attacks against your small business.
Cybersecurity a top business risk
The reality is, cyber threats are a top business risk to small businesses. In many cases, it is not a realized risk. While in other instances, it’s recognized as a risk, but with little to no ability or controls in place to minimize this risk. To close our 2022 Cybersecurity Year in Review, let’s make 2023 the year your small business takes cybersecurity and owns it!
To learn more about the Michigan SBDC and the services we offer read up on them here.
This is our second to last Security Byte for the year, our final publication will be on December 21, 2022. Our first post in the new year will be on January 11 2023!