October is National Cyber Security Awareness Month, so it’s no surprise that the spotlight has been shining even brighter on the issue this month. It even became part of the U.S. federal shutdown discussion when senior officials voiced their concern that the shutdown’s resulting furlough of thousands of cybersecurity and intelligence specialists amounted to an open invitation to hackers.
Federal CIO Steven VanRoekel was quoted by InformationWeek Government as saying he feared the reduced number of cybersecurity professionals on active duty across federal agencies gave hackers greater opportunities to move about within agency IT networks, thereby heightening the risks agencies already face that their systems could be compromised.
Meanwhile, technology and healthcare businesses continue to increase their investments in cybersecurity. A recent report by Silicon Valley Bank found that 50% of the small- and mid-size businesses it surveyed are increasing their spending in cybersecurity; and they are investing in active response, not infrastructure.
“The survey shows us the threat of a cyber attack is not just hype. A surprising number of technology companies we heard from say the threat to their [intellectual property] and their business is very serious,” said Bob Curley, managing director of corporate finance for Silicon Valley Bank. “Companies in the tech sector, particularly software companies, are feeling exposed, and increasingly having to expend resources to manage cyber attacks, rather than investing in the growth of their business. That’s a huge impact on a growing company, and eventually the economy overall.”
“This study is of interest because of its focus on small- and mid-size businesses,” says Diane Carlisle, IGP, CRM, of ARMA International. “While we might expect businesses of this size to rush toward public cloud offerings due to its cost advantages, the study shows a significant level of concern about the security measures offered by potential business partners.”
ARMA International has a number of resources that can help information governance professionals guide their organizations to effective decisions when outsourcing the storage of electronic information. Of particular note are: