By Jim Lapointe
It is well known that the cyber world is a dangerous place and becoming more dangerous every day. Threats to businesses like ransomware are causing real concern and notable monetary damage to many small to mid-size businesses.
If the ever-increasing threats are not enough of a reason to take a deeper look at your business’s data security (and those reasons should be enough) there is another reason: regulation. Governments are taking a more active role in security and enforcing regulations for minimum security standards as well as fining businesses that do not meet those standards.
In fact, just this past month at the National Governor’s Association, a majority of State Governors agreed to increasing cyber security standards. The problem for many small to mid-sized businesses (SMBs) is keeping up with those regulations and finding solutions that are price-competitive.
As an example, each state has their own statutes for protecting personal identifiable information (PII). Some are vague and advise businesses to take “reasonable” precautions. New York has a more defined policy that outlines specific steps businesses need to take to protect PII.
If your business does not meet these standards and is the unfortunate victim of a breach, expect a fine to go along with your other headaches.