It seems you can find an argument about pretty much anything these days.
Yet, I don’t think anyone would argue that the growth in cybersecurity and technology applications has been exponential.
Modern humans left Africa some 60,000 years ago, but the first Industrial Revolution did not occur until the late 1700’s/early 1800’s. In just over 200 years, we have experienced a second, third and now fourth industrial revolution. As artificial intelligence, quantum computing and The Internet of Things (IoT) progress, we can only imagine the advances we could expect to see in the next 200 years. (You can read more about Industrial Revolutions 1-4 here.)
It’s a challenge, especially for small businesses to keep up with every new technology and its applications. It’s even more challenging to manage the governance, risk and compliance of these applications.
Smart policies in Cybersecurity and Technology are about collaboration.
These are just a few of the many examples of concerns about emerging technologies and data breach notification requirements.
- Microsoft expressed concerns about the potential abuses of facial recognition software and called for a congressional review to determine new legislation.
- With the implementation of GDPR (see my previous blog here), it’s now more obvious that industry standards, state/federal laws and regulatory bodies have conflicting requirements for compliance.
- GDPR requires notice of breach within 3 days
- Florida law (FIPA 2014) requires notice of breach within 30 days
- HIPPA requires notice of breach within 30 days
- The Journal of the American College of Radiology reports compliance concerns regarding Artificial Intelligence and Predictive Analytics
- Numerous Attorneys General have urged Congress to pass the Data act to set a Federal standard of compliance for data breaches
Technology is moving so quickly, it’s difficult for agencies and governments to keep up. Additionally, legislators seem to pass laws in a vacuum, without involving all the players.
Cybersecurity and Technology for Small Businesses
Over 90% of all businesses have less than 20 employees. Indeed, some 64% of all business have less than 4 employees. These small businesses are NOT going to have a full time staff to address cybersecurity concerns, yet they are the most vulnerable to attack. So far, the majority of small businesses continue to believe (incorrectly) they are “too small” to worry about an attack.
To clarify, if you have less than 4 employees, you don’t need a full time IT staff (and you probably can’t afford them). You DO need an assessment of current state. Outdated software, lack of security or privacy policies, and failure to capture emerging technologies can all cause devastating damage to a small business. What you don’t know CAN hurt you.
Our governance, risk and compliance frameworks quickly and cost effectively identify risks and advise solutions customized to your industry, corporate structure and budget:
- Pay for services you NEED, when YOU need them
- Access our flex pool of Network, Security and Social Media specialists
- Elastic solutions that grow as you grow: from on demand to dedicated resources
- Cost effective virtual solutions
Contact us for your solution.
Today’s favorite: https://www.theswandreamsproject.org/