Your Board and risk management

In our next few blogs, we are going to look at what ways a small firm may be vulnerable to a cyber attack. In particular, we discuss the major areas of vulnerability your business faces.Specific topics include customer and company data loss, legal implications, fines and regulatory penalties, brand damage, downtime and revenue loss, and supply chain vulnerabilities.

Obviously, your shareholders want to understand how you plan to defend against and respond to cyberthreats, but that's a topic for another e-guide. Today, we will talk about educating your board about one area that you are at risk for when a cyber attack occurs.

Downtime

This is the most obvious and immediate consequence of a cyber attack. Your business becomes partially or fully shutdown. Given our reliance on technology, almost every aspect of a business, even a small service business is, in some way, reliant on technology. For example, a medical office can’t function if its reservation system is attacked. Staff may lose the basic ability to know which patients are scheduled for the day. A smaller retailer can’t ring sales if the POS goes down. If your website is attacked and compromised, that’s akin to shutting down the doors of a brick and mortar operation.

Why is this a shareholder topic? Downtime places the entire organization at risk of failure. Small businesses are much less likely to recover than are large businesses. Your Board will want to be informed about how you propose to keep the organization safe.