In terms of the likelihood and impact, the risk of a company experiencing a cybersecurity incident has increased in recent years.
According to IBM, in 2022 the average cost to an organization of a breach is $4.45 million. Some attacks are worse in terms of total cost.
A study by Accenture showed that from 2021 to 2022 attacks increased by 31%.
Ready to face this challenge, SEIRIM in Shanghai has grown over the past decade from a website, e-commerce and IT applications development agency and today serves the cybersecurity needs of large and small to medium size companies (SMEs).
“Regarding cybersecurity, companies often take a ‘head in the sand’ approach”, says SEIRIM founder S.R. Schroeder.
“While companies hope it won’t happen to them, the odds are not in their favor. The reality is that there is a 50% chance of an SME experiencing a small or major impact incident every year. SMEs experiencing a major incident can be so extreme that it causes operational, financial and reputational damage, after which many companies fail to recover”.
SEIRIM provides a full range of cybersecurity support services and is focused on delivering solutions directly to SMEs. These include:
- Risk assessments
- Vulnerability management
- Penetration testing
- Managed security services, and more…
Schroeder continues; “Many cybersecurity providers force clients into major and often expensive contracts. We feel this deters some companies from addressing the cybersecurity threat or to take half-measures based on a lack of experience which create security-gaps. Our strategy is to make cybersecurity services approachable and companies are welcome to hire as much or as little of our services as they require. In this way we can tailor solutions and provide the most impactful and cost-effective improvements to their security.”
Cybersecurity Concepts: A Guide
Regarding advice for companies and individuals who are just beginning their cybersecurity journey, Schroeder recommends paying attention to these key concepts:
All the technical security measures pale in comparison to the importance of staff being well-educated on internet safety and best practices.
According to the World Economic Forum, 95% of cybersecurity issues can be traced to human error.
At a minimum, employ more and better backups and redundancies so the company can bounce back in case of incidents such as ransomware. Backups are not 100% foolproof, but they are important.
Complementing better training and education – raise standards regarding a wide-array of basics such as the use of multi-factor authentication, reduced access to key data by restricting privileges, prohibit shared accounts, implement stronger security for remote workers; and more.
What will you do when things go wrong? Have an incident response plan in place regarding points of contact, contact methods and procedures.
Scan, Repair, Repeat
Test networks and devices for vulnerabilities. Follow up with patches, configurations and required fixes. Ensure these are resolved and then repeat the process.
The SEIRIM team understands that companies can often have a mentality based on ‘build and ship’ without enough attention being paid to cybersecurity. In today’s world, this luxury is no longer tenable and the best way forward is slower and safer to ensure security and business continuity.