The Senate Intelligence Committee’s newly passed controversial cybersecurity measure is designed to help companies fight cyber attacks by persuading businesses to share more digital data with the government and each other. However, there is a catch 22. Critics claim it causes a loss of privacy, while the government aims to grant liability protections to companies which share data. The committee’s next steps are to bring the bill to the Senate floor for a vote, which could take place shortly after recess ends in April.
This bill may be justified, as PwC research demonstrates. The study, conducted in partnership with CIO and SCO magazines, finds that average financial losses due to cyber attacks by U.S. mid-market companies in 2014 have reached $1.8 million. The top two security breaches include exploitation of data and IT systems, while the hackers’ top acts are compromising employee and customer records.
Smaller firms are taking note and stepping up their game. A 2014 Travelers Cos. Inc. analysis finds their risk strategies are beginning to equal, if not surpass, those of larger companies.
But this doesn’t come without challenges. Channelworld reports that major obstacles include the cost of developing cybersecurity measures, the inherent limits of relying on technology and employing a stable of well-trained security experts. This latter hurdle could be elusive, as Channel Dynamics Co-Founder and Director, Cam Wayland, says in Channelworld, firms “may only have one security analyst or specialist.”
Whether businesses rely on the cybersecurity bill or their own risk-mitigating programs and well-trained experts to protect their data, they’ll face high costs. No matter what, companies that think they’re too small to be hit by a cyber attack ought to think twice before their bottom line takes a hit.