Just about every small and medium organization (SMO) is operating digitally. Who doesn’t use email and have a website?
This means you have an attack surface and are a potential target of cyber attackers. The bad guys have figured out that you, as an SMO, are digital, have an attack surface and can be attacked from thousands of miles away. They know they can easily break into your work network, steal valuable data and install ransomware, lock you down and demand a ransom payment, and the impact on you will be very significant. According to IBM, the average cost of a data breach for an SMO is $5.4 million. This is why SMOs are increasingly being attacked. So what can you do?
You must adopt Canada’s national cybersecurity standard, CAN/CIOSC 104, Baseline Cyber Security Controls for Small and Medium Organizations (SMOs). I had the honour and privilege to help author the national standard. It was published by Canada’s CIO Strategy Council with support from the Ministry of Innovation, Science and Economic Development (ISED). It prescribes 55 controls for an SMO in order to be secure.
These controls are to prevent, detect and respond to a cyberattack and do deliver an adequate defence.
For example, one of the prescribed controls is to regularly scan your website and Internet-facing assets to detect and remove any vulnerabilities that an attacker can exploit to break in. CyberCatch scanned a random sample of 19,375 websites of SMOs and detected 82% with vulnerabilities. By scanning regularly, one can detect vulnerabilities and eliminate and prevent an attacker from breaking in. This is an example of prevention control.
The national standard is the world’s first cybersecurity standard for SMOs, and we should be proud in Canada for creating it to keep SMOs safe.
You are the growth engine of Canada, and we must keep you safe from cyber threats. Please download the national standard and the 15-Minute Guide and adopt them right away.
The key to success is to first recognize that you are operating digitally, have an attack surface and are a target. Then take the necessary step to implement an adequate defence so you can navigate the digital waters and thrive as an SMO. May you continue to thrive and be successful. Your success is Canada’s success.
Founder, Chairman and CEO CyberCatch
Sai Huda is the founder, CEO, and chairman of CyberCatch. He is a worldwide known risk and cybersecurity expert, the author of the bestselling book “Next Level Security”, and a regular keynote speaker at several industry conferences.