Skip to main content
Rehmann
Rehmann
Solutions
Industries
Resources
About Us

Empowered Chats: A deep dive into cybersecurity planning

November 3, 2022

Contributors: Jim Bruxvoort, MBA, ITIL Foundation Certified

Rehmann recently held a webinar, Disruption Around Every Corner, which discussed the number of growing pressures on business such as labor shortages, supply chain issues, and mounting cybersecurity threats. As these pressures continue to grow around the world, businesses and individuals are feeling the financial impacts.

In this installment of Empowered Chats, we sat down with Jim Bruxvoort, director of partnered technology services, to dive deeper into cybersecurity threats. What is a cybersecurity plan and how can being proactive with a plan protect your organization from these threats?

A cyber plan goes beyond security. When you create a cybersecurity plan, you’re not only working toward keeping your business secure, but you’re also managing the risk. First, you must identify what data you want to protect. Once you’ve identified your organization’s crown jewels, then decide how you will protect them. Finally, and possibly the most important step, you will need to put processes and procedures in place to follow if you experience a cyber incident. Knowing how to respond gives you a guide and a pathway toward making the best decisions. Having a plan in place doesn’t ensure you won’t experience a cyberattack, but you will know how to respond effectively and timely to mitigate further risk from the threat actors.

Why does this apply to me? Once you understand the importance of developing a cybersecurity plan and its benefits, you may be wondering if your organization truly is at risk. The answer is yes. Today anyone can be a target for a cybersecurity incident. For small to large businesses, and everyone in between, it’s not a matter of if, but when. According to IBM’s 2021 Ponemon Institute study, a threat actor can be in your systems for 287 days before anyone realizes it. It’s a scary statistic and one that gets you thinking about how much risk you’re willing to accept.
Initially, the financial industry was the primary target for threat actors, but today we’ve seen it spread to an array of industries. Healthcare organizations that store a plethora of patient information are a big target. Manufacturers, whose programs can be infiltrated by a threat actor, are also at high risk. If these programs are infiltrated, it could shut down production for weeks leading to a huge loss in revenue. Furthermore, with many industries making the shift to remote work, organizations are even more vulnerable. Data and company information is being shared and stored digitally, making it convenient and simple to conduct business from any location, but this also makes it much easier for a bad actor to get into your systems.

First steps. There’s no easy button, but you can start taking steps to combat these risks. We’ve already touched on developing a cybersecurity plan, but training your people is another cost-effective step. A threat actor looks for low-hanging fruit. Attacking your organization’s firewall could prove to be tricky but getting in through your employee’s can be much easier. Therefore, invest in training your employees so they’re alert and aware of threats, such as email phishing scams, and they know how to appropriately respond.

Cybersecurity can’t be tackled overnight. Being educated and aware of the risks and threats is a great first step. At Rehmann, we have advisors like Jim who specialize in walking businesses through the development of a cybersecurity plan from start to finish. It’s a process that requires a lot of thought and time, but you’ll sleep better at night knowing your organization is protected and prepared. Contact us today to connect with an advisor and start your journey toward a future with a plan.