As regular readers know, I frequently consult with and counsel small-to-medium businesses (SMB).  I also work with non-profits, volunteer groups, and sole-proprietorships.  A specific warning is coming to the small-to-medium environment, and being that October is National Cyber Security Awareness Month, I wanted to pass it along.

First,  “large business” is certainly welcomed to today’s post, but there is a specific warning coming to these smaller environments (in terms of numbers of people, size of budget, sophistication of technical supports; and allied policies).  This warning is coming from a rather robust set of agencies:  a U.S. House of Representatives committee, as delivered by agents of the Department of Homeland Security, the FBI, and the Secret Service.    

The Warning:  Large organizations have adopted, and generally evolve, sophisticated protections against breach, theft, and exposure:  Therefore, this situation has turned cyber criminals to the softer target of the aforementioned SMBs, non-profits, etc. 

Smaller organizations don’t have the same budget, or depth of personnel, to always mount the most sophisticated protections.  And, a continuous upgrade path in match to evolving threats is not always sustainable, particularly in periods of slow business.

Of particular target are retail systems and online financial accounts.  Even today, many SMBs and related environments are more concerned with the physical security of locks on doors, zones, safes, etc., and many don’t give much of a nod to cyber security.  This is a mistake.

As their contribution to National Cyber Security Awareness month, The National Cyber Security Alliance has some good free material online – for students, parents and, in particular, for business.  Have a look at their tips, tools and resources.

Microsoft also has some good free resources.

Focus on a variety of areas:  You need to protect your employees.  Obviously you need to protect, and best serve, your customers, clients, consituents, etc.  And overall, you must protect your business.  I frequently ask organizations, large and small, “What is your number one asset?”  Folks almost invariably answer, “Our people.” 

Any organization, whether Fortune500, volunteer group, or sole-proprietorship, has this in common:  Their number one asset is their reputation.  Lose your org’s reputation, and your people won’t have a place to work. 

Mount a pro-active security awareness.  Stay safe in October.  Stay safe year-round.