At Shield IT Networks, we've all heard the familiar mantra that "the biggest risk is the one you don't take." While there's certainly some truth to this statement, experienced business executives know that taking wild risks without considering the potential consequences is not a recipe for success. Instead, they take calculated risks, putting buffers, hedges, and checks in place to reduce the risk and potential losses. They understand that unchecked optimism is dangerous, and that Murphy's Law is always lurking around the corner, ready to disrupt even the best-laid plans.
If you follow Warren Buffett’s two rules of investing, you’ll see this same caution: Rule #1 – Never lose money. Rule #2 – Never forget Rule #1. It's a good piece of advice to keep in mind, and one that applies just as well to business as it does to investing.
A good question to ask yourself is where are YOU putting your business and your money at undue risk? While you cannot prepare for and prevent EVERY risk in your business, one area where we see a lot of businesses taking huge, unmitigated risks is with their data and cyber security.
Despite the overwhelming evidence that the risk and the financial consequences of cyber-attacks are enormous, we still hear, “Nobody is going to hack us…we don’t have anything they want,” or “We can’t get hacked because _____,” with the blank being things like “we use cloud applications” or “we have a good firewall,” “our people are too smart to click on bad links in e-mails,” or other similar “reasons” for their false sense of security. They explain it away.
Candidly, it’s our belief that this is not founded in confidence and logical thought but based in a willful neglect and a desire to avoid spending the funds necessary to truly secure their data, their business, and their finances. And while we understand that nobody wants to spend a lot of money on IT, the risk doesn’t cease to exist just because you choose to ignore it.
One of the most intelligent investors in the world, Howard Marks, CEO of Oaktree Financial, said, paraphrased, the less risk you perceive, the more risk there is. For example, if I don’t think there’s any chance I can die in a car wreck on my way to the store, I’ll fail to put on my seat belt, text while I drive and be a lot less cautious about paying attention to the road than if I thought there was a very high chance I could be in a fatal crash. The lower the risk perceived, the higher the risk actually is, because we lower our guard and don’t protect against it.
That’s exactly why small businesses are the #1 target for hackers. They’re EASY prey. Sure, they don’t get the bragging rights of bringing down a company like Dole or hacking into Microsoft Azure, but hacking millions of small businesses for a few thousand dollars each in ransomware pays. You just don’t hear about these attacks because they don’t make the evening news, just like you don’t hear about the 6 MILLION car wrecks that happen every year. Only the big ones – or the ones that seriously impact rush hour traffic – get noticed.
If you are not all that certain that you are truly and fully protected against such hacks, click here to schedule a brief discovery call with us. We can conduct a quick and easy cyber security risk assessment and tell you for sure if your current IT company is protecting you, and what level of risk you’re at for a cyber-attack.