Behind the Headlines
Why mid-sized industrials can’t ignore cybersecurity
Week of April 8, 2019
In his annual letter to investors last week, JPMorgan Chase CEO Jamie Dimon expressed concerns about five key issues. Not surprising were that relations with China and possible instabilities in the global financial system made the list. Perhaps more surprising was his ranking of cybersecurity as a top-five worry.
Of course, it makes sense for one of the world’s largest banks to take cybersecurity seriously. But mid-sized industrial companies should be worried too, says Chuck Brooks, principal market growth strategist at General Dynamics Mission Systems and cybersecurity and emerging technology advisor to LinkedIn.
“Almost half — 46% — of the business victims of cyberattacks are smaller businesses,” said Brooks, who will be speaking on cybersecurity at IndEx 2019 in Miami Beach in early May. “Increasingly, mid-sized industrial companies realize that they are being targeted, but there’s a lot more they must do to increase their security.”
Brooks noted that the relative obscurity of many privately owned mid-sized industrials given their sometimes remote geographical location, their B2B product mix and non-public ownership no longer serves as a cybersecurity moat.
“Because of today’s complex and interconnected supply chains, as well as the social media presence of company executives, mid-sized companies are easy for cybercriminals to identify and, if security is lax, easy for them to hack,” he said.
Since smaller businesses have so much to lose from a cyberattack — financially as well as in terms of reputation and trustworthiness — executives must make cybersecurity a top priority, Brooks said, and he notes that more of them are doing that.
“But cybersecurity is not a one-time thing,” he said. “Every executive and employee must become more aware of the threat, vigilant about protection and make sure they pay attention to the basics.”
That final point means such essential, but typically routine, tasks as changing passwords frequently, continually updating software with the patches sent by their creators, educating staff about phishing and other scams, and regularly backing up files and storing them safely. “Mid-sized firms must realize that they are now part of a larger digital ecosystem, and they don’t want to be the weak link,” Brooks said.