Can Too Much Cybersecurity Be Bad for Your Small Business?


internet security and data protection concept

By Samuel Bocetta

If you run a small business, security is probably near the top of your priority list—and if it’s not, it should be. Businesses are the most common targets for cyberattacks, and the consequences of having data stolen can be huge ever since the passage, implementation, and consequences of the GDPR (General Data Protection Regulation) in Europe.

Sometimes, though, your focus on cybersecurity can have detrimental effects on the rest of your business. This is due to two factors:

  1. While it’s good to have dedicated ICT (Information Communications Technology) staff who are charged with looking after your cybersecurity, in a small business this staff (or “the IT guy,” if you run a very small business) can quickly become overburdened.
  2. Sometimes there can be such a thing as too much security. That shouldn’t make you take your security any less seriously, of course; cybersecurity for small businesses is important. But it should stand as a reminder that you need to identify what threats your business actually faces, and prioritize defending against them.

Let’s take a look at these two issues in more detail and then consider some solutions.

Everything is ICT

To understand how ICT staff can easily become overworked, consider the following question: how much of your business doesn’t rely on ICT?

While we would always recommend having a dedicated IT consultant on your staff, whether they are contracted or employed directly, you should guard against the temptation to give them everything that has to do with computers. Doing that assigns them the responsibility for securing essentially everything the rest of your team does. Document security is an example of this. If you allow your staff to delegate this to a dedicated IT worker, they will quickly end up overseeing all the important information your business holds.

READ ALSO  What You Need to Know About General Data Protection Regulation

The situation is even worse where IT staff are charged with innovating new solutions as well as securing existing systems. Recently released research by Vanson Bourne for LastPass found that among their security objectives for the coming year, more than 50% of the 700 IT professionals who responded to the survey cited securing data (75%), securing new technologies as they’re adopted (68%), reducing risk (66%), and upgrading identify access management (65%).

That’s a huge workload, and so it comes as no surprise that burnout is a common cause of staff loss for IT professionals.

Other Articles From AllBusiness.com:

Security vs. agility

A second issue is that is that it is possible to have too much cybersecurity. Or rather, to have an inflated sense of the risks your business faces, and to enforce security policies that are too rigid.

This is an unfashionable—and perhaps dangerous—thing to say. But if you run a small business, there is a very real danger that adding new security protocols every month will stifle the innovation and agility that makes your business competitive.



Source link

?
WP Twitter Auto Publish Powered By : XYZScripts.com