There is no doubt that the COVID19 has had an impact upon the entire world that nobody ever even fathomed. Heck, back when the news headlines started to flash about this back in December, I never thought much of it, really. I just assumed that it would it just be contained in China. But as January and February rolled on, people started to realize hey, this is something for real.
My first inkling that something was really wrong was when major vendors started to pull out of the RSA Conference, held in January (now it has been moved to May in 2021).
But it never really hit home until our governor here in IL started to systematically shut things down one by one, and when it came to closing down the non-essential businesses, that it is when it really, really hit. I have got close friends here in my apartment complex that are also small business owners just like myself, and when I saw them started to worry about things, it made me really worried also.
Unlike mine, which can be done virtually for the most part, these other people that I know of have the traditional brick and mortar presence. They own gyms, bars, restaurants, you name it. But so far, they weathered the storm, and the good news is that they plan to become even stronger once there is a sense of normalcy that is returned. But all of this brings up one especially important point.
It is the SMBs in Corporate America which drive the economic engine here. Sure, we do not get the limelight like the Fortune 500 do, but there are many more of us when compared to them. We may not have the balance sheets that they do, but as a collective whole, we can out beat them on many levels, not to mention innovation, and new technological ideas.
In fact, just last Friday, I had a podcast with a Cybersecurity Executive. He too has an SMB, but has been around since 1996, and his primary market is in New Mexico. Much of our discussion actually focused around the SMBs here in America, and how they would make it out after COVID19 would eventually fade away from the news headlines, and as states would start to open up their doors again.
The bottom line from the podcast, is that there is still a renowned sense of optimism amongst his clients (whom are also SMB owners as well), and even with him as well.
In fact, there is often the misnomer that the American SMB is not well fortified against Cybersecurity threats, and that they have no clue as to what is going in this regard. The truth of the matter is that the average SMB does actually have a really good idea as to what is transpiring, and in fact, they are even much better fortified than expected. It is just that once again, we do not make the big news headlines like the Fortune 500.
These findings have been further substantiated by a recent study conducted by Cisco, which is entitled “Big Security in a Small Business World”. The report can be downloaded at this link:
In this project, over 500 SMBs were surveyed, which have an employee size of about 250 to 499. Here are the three major takeaways from the polling that was conducted:
*The SMBs are not prone to public scrutiny, it is only the Fortune 500:
Obviously, when we hear about a security breach that has happened, the first thing that comes to mind is once again, the Fortune 500. But this is really no fault of ours because all we hear about in the news is how all of the major retail and restaurant outfits have been impacted. From what best I can remember, this includes the likes of Applebee’s, Target, SONY, the Marriott Hotel Group, Experian, the British Airways website hack, etc. But believe it or not, yes, even the SMB does get some scrutinization. It may not be at the national level, but it probably happens locally.
For example, just slightly half (49%) of the SMBs did receive some sort of media or federal authority scrutiny after they have been impacted. In fact, 59% of them even said that 2019 was their worst year ever for experiencing a Cyberattack of varying sorts. Here are some other findings in this category:
*The customers of 73% of the SMBs that were polled asked specifically what their actions are being taken to address Cybersecurity issues, especially when it comes in the way of protecting their Personal Identifiable Information (PII). In other words, it seems like that the SMB truly goes out of the way to address these concerns, as they have a lot more at stake when it comes to retaining existing customers and getting new prospects.
*Quite surprisingly, 59% of these SMBs actually volunteered on their own discourse to report if they have been a victim of a Cyberattack to the necessary regulatory bodies, and law enforcement.
*The SMBs are embracing the use of Automation:
Let us face it, a business, no matter how large or small it might be, experiencing any kind of downtime totally sucks. Everybody is on angst and anxiety to get things back up and running as quickly as possible as possible. After all, in the end, any hours or days of lost productivity can have a severe impact towards the bottom line. According to the survey, the average downtime for an SMB after they have been hit is has only been around about 8 hours. This is actually quite surprising, as I thought it would take longer, because of resources and money being stretched to the breaking point. But the good news is that the SMB is well aware of the ramifications of this kind of downtime and are proactively looking for ways to get this down ASAP. In this regard, they are looking to use the tools of Automation, especially where Artificial Intelligence is involved. For example, 77% of those SMBs that were polled plan on using some sort of Automation tool in the coming 12 months. But the even better news is that the SMB can actually afford these now, because a lot of them are now offered as a SaaS based offering, in the Cloud. This means that pricing is fixed, predictable, and best of all, can fit into any kind of Cyber related budget. It was also discovered that the SMBs would most likely use Automation tools to help combat major Cyber threats, such as that of Ransomware.
*The C-Suite does not care about Cybersecurity or Data Privacy:
Ah yes, the C-Suite. This is always and will continue to be very much of a hot button topic for quite some time to come. After all, the buck stops with the CIO and/or CISO, but in the end, everybody, even the administrative assistant, are all responsible for Cybersecurity in their respective businesses. In other words, if an SMB has been impacted the immediate, knee-jerk reaction is that the CIO/CISO should be fired. But really in the end, an exhaustive forensics examination needs to be done first before blame can be cast. In fact, I guess this very question in my podcast shows, and most of the guest concur with my belief in this regard as well. But, the good news is that, at least according to the survey, almost 90% of the C-Suites that were polled actually do view Cybersecurity as a top priority, especially when it comes to protecting the PII of their customers and prospects.
My Thoughts On This
Well, there you have it. Just because, we the SMB owners do not get all of the limelight like the big boys of the Fortune 500 do, it does not mean that we do not understand the ramifications of maintaining good levels of Cyber Hygiene.
In fact, I believe that most SMBs are much quicker to respond to, as well as notifying their key stakeholders if they are impacted versus their Fortune 500 counterparts. The reason for this is quite simple: We have a lot more to lose and have much more at stake.
In the end, my view is that it will not be the Fortune 500 that saves Corporate America post COVID19, rather, it will be the SMB like you and me.