When, not if...
- Charles Parker, II
- Mar 3, 2017
- 1 min read
The number of businesses through the nation is rather large. Many of these know they are regularly targeted. Too many of the remainder businesses are hoping that security by obscurity works. It does not. Small- and medium-businesses (SMB) are actively targeted by the attackers due to this lack of sufficient focus on Infosec. One symptom of this is a lack of a security policy, or one in place on the shelf with a large amount of dust due to a lack of any review for years.
This shows two issues plaguing the SMB. The attacks themselves advance so quickly that the policy itself does need to be reviewed periodically and updated as needed. As part of this endeavor, regular training to build and maintain an adequate level of security awareness is needed. This does not need to cost a mass amount, but be relevant and direct.
About the author - Charles Parker, II has been working in the info sec field for over a decade, performing pen tests, vulnerability assessments, consulting with small- to medium-sized businesses to mitigate and remediate their issues, and preparing IT and info sec policies and procedures. Mr. Parker’s background includes work in the banking, medical, automotive, and staffing industries.
Recent Posts
See AllWater facilities by Charles Parker, II When we read about new compromises or watch the news stores of the “sophisticated attacks”, the...
It’s not safe to go to meetings anymore! by Charles Parker, II Meetings on Teams or any other tool have become a requirement. Pre-COVID...
FDA Ramping Up Cybersecurity Compliance by Charles Parker, II On October 1, 2023 the FDA enacted the Cybersecurity Refuse to Accept (RTA)...
Comments