The Coming SMB Data Security Compliance Squeeze

by | Aug 19, 2020 | Compliance, Strategy


Data security compliance has been coming after you for a while. It’s now picking up speed whether you like it or not. A couple of years ago the European Union issued GDPR to help protect citizens’ data rights. Companies that hold any data from individuals who reside in the EU fall under this mandate, even if the data comes from just a simple online form. California, New York, and several other U.S. states have implemented similar data protections for consumers (including B2B buyers). Many companies think that the mandates don’t pertain to them because they aren’t big tech. If you have customers or prospects in any of those geographies and maintain data on them, you now must make efforts to protect their data or face significant fines. The U.S. government is also looking to push out federal compliance requirements that will affect all companies.

The SMB data security compliance squeeze will be upon us sooner than we may think. 

No one likes to be told what to do, especially by some invisible governmental entity. The reality is that most companies are woefully neglecting IT security mandates like NIST, HIPAA, PCI, and others. Consumers have had enough, and the government is responding.

 

Without [compliance], many organizations wouldn’t have security controls in place, and there would be no consistency of standards among the protocols being used… compliance has created a level playing field that all organizations are expected to meet when it comes to protecting sensitive data…evaluate compliance not as an expense, but as a money saver. Sure, managing compliance takes resources, but it’s nowhere near as expensive as the costs associated with a breach.

Paul Koziarz, President and General Manager of Regulatory Compliance at CSI

 

Too often companies choose to do nothing because putting a head in the sand is easier in the short term than implementing a solid data security framework that provides a straightforward path to compliance. I also hear, more than I care to, “Cybersecurity is already too expensive, and obtaining data compliance would be even more expense on top of that.” The fact is that with the right plan and the right help, you can have a robust cybersecurity platform and be compliant for far less than you may think. Smart companies are using data protection to demonstrate trust, whether online or off. One thing is for sure: the proactive investment is a fraction of the financial havoc wreaked on your organization in the event of a security breach. And that’s just the out-of-pocket remedial costs, not the impact that a breach will have on your business and reputation.

Make no mistake, the squeeze is coming. For my money, it makes more sense to prepare now while you’re in control than later when the government is.

Stay safe!

 

 

If you want some recommendations or advice, please contact me. I’ll be glad to give you the names of some of the tools our clients leverage. Shoot me an email (jahlberg[at]waident.com) or give me a call (630-547-7011).

(NOTE: We do NOT share our tool names via our posts. Cybersecurity best practices recommend against it because doing so creates unneeded risks, as hackers are always searching for vulnerabilities.)

Dig Deeper

COVID 19 + Working From Home = CyberRisk

Making Smarter Pandemic IT and Cybersecurity Decisions: Avoid Doing Good, Then Getting Hacked

Cybersecurity In The Days Of COVID-19

 


John Ahlberg
CEO, Waident

CIO in the corporate world and now for Waident clients. John injects order and technology into business process to keep employees productive, enterprises running, and data safe.
