Hi-profile cyber-attacks against large companies, such as Anthem and Sony, garner much of the attention in the media. However, small and medium sized companies (SMEs) are exposed to cyber risk as well. Rick Betterley, the editor of the Betterley Report, discusses how exposed small and medium sized companies are to cyber threats.
According to Mr. Betterley, small to medium sized companies are exposed to cyber risk much the way larger companies are. He says many SMEs don’t realize “they are the soft underbelly of cyber security.” They are under the misconception that they are too small to be a target. That false sense of security means they are poorly defended should an attack occur, which makes them a good target for hackers who want access to their data, or the data of a larger firm using the SME as a gateway.
Larger organizations are beginning to recognize their smaller vendors as a source of vulnerability. Many are beginning to require their vendor networks to carry cyber insurance, to tighten up indemnification agreements, and to tighten up security. It’s all done in an effort to make the larger firm more secure.
Some well-run small to medium sized companies are bringing in outside service providers, consultants and security services to strengthen their security defenses, however, according to Mr. Betterley, many are not doing anything. Of course many are starting to buy cyber insurance.
In part two of our discussion with Rick Betterley, he will explore the cyber insurance market for small and mid-size companies, the cost of coverage and the potential for growth in the market going forward.