By Meg Anderson, vice president and chief information security officer at Principal®
This story previously appeared on principal.com.
Businesses can stay alert to cyber threats but feel reassured by broader trends in technology, talent, and other areas.
I'm a chief information security officer, but I like to replace the word "officer" with "optimist" when thinking about how much progress we've made in understanding, resisting, and recovering from cyberattacks.
A timely dose of informed optimism may help reassure all of us. The volume of cyberattacks, regulations, defense measures, and just plain noise has increased in the last decade, leading many business owners to wonder whether optimism has any place in conversations about digital operations and persistent cyberthreats.
Yes, it does, for the following six reasons.
1. Security is embedded in more technology now
Software is increasingly embedded in our daily business lives — introducing new, unpredictable, and interlinked vulnerabilities. But more software firms are rising to this need and recognizing that greater security helps make them more competitive.
We expect to see data encryption, multi-factor authentication, and other critical cybersecurity features built into the core of more software. These safeguards will become more affordable and within reach for small businesses. And when there's an incident, data recovery will be more seamless.
2. There's greater collaboration between government and industry
We're getting very good at sharing information and threat intelligence among business sectors, governments, and other peers. We now understand we have common enemies, which leads to streamlined public-private partnerships.
Our government and industry partners are starting to align the patchwork of laws and regulations to flag cyberthreats and incidents more consistently, which helps others avoid becoming unwitting victims.
3. There are free resources available to help small businesses
Organizations such as the Cyber Readiness Institute (CRI) and government agencies like the Cybersecurity and Infrastructure Security Agency (CISA) offer free information, training, and tools specifically for small businesses.
With just the investment of your time, you can take advantage of their training opportunities, including becoming cyber-certified. There are also technical resources, like scans and penetration tests, that can provide reassurance. Periodically, revisit what's offered as a proactive way to keep your business more cyber secure.
4. IT is being integrated into business operations
We're learning to bring information technology (IT) into the heart of business operations. The financial impact of a significant cyber incident is a business risk, not a technology problem.
We've learned cybersecurity is more effective and less expensive when we plan for it in the early stages of mergers and acquisitions, or when we onboard customers and receive their data or money. For business owners, cybersecurity isn't an afterthought but a core business concern.
5. Businesses are focusing resources on cybersecurity
Businesses are getting better at pinpointing their top cybersecurity risks. They're using precise data to focus limited business resources where it can make the most difference — like any solid business analysis.
As a small business owner, you can access these finer details to make decisions based on evidence, understand your unique risks more fully and factually, and be more efficient in mitigating risks.
6. More talent is flooding the market
A wave of new, trained, reinforcement is on the way with talented cyber workers flooding the zone. Employment of information security analysts is expected to grow 31% from 2021 to 2031*, outpacing the average for all occupations. Higher education has responded to the cybersecurity talent gap, and students are graduating from related programs and majors at a faster pace.
There's always room for continued improvement in digital operations, of course, but we can start feeling more optimistic about progress that's been made toward cybersecurity for small businesses.
Get timely ideas from businesses like yours at principal.com/benefits.
This post was created by Principal with Insider Studios.
*U.S. Bureau of Labor Statistics, U.S. Department of Labor, Occupational Outlook Handbook, information security analysts, September 2022.
This article is intended to be educational in nature and is not intended to be taken as a recommendation.
Insurance products and plan administrative services provided through Principal Life Insurance Company®, a member of the Principal Financial Group®, Des Moines, IA 50392.
© 2023 Principal Financial Services, Inc. Principal®, Principal Financial Group®, and Principal and the logomark design are registered trademarks of Principal Financial Services, Inc., a Principal Financial Group company, in the United States and are trademarks and service marks of Principal Financial Services, Inc., in various countries around the world.
2997860-072023