One of the concerns I've had as an InfoSec professional is what about those businesses that maybe aren't covered by PCI requirements (or outsource that risk by partnering with companies who do the transactions for them) but also have a certain amount of computers, intellectual property, or confidential/private/trade secret data that they should protect. Most small to midsized businesses haven't classically pursued things like risk management, security, and governance as aggressively as the larger or public companies (for various reasons including cost, less compliance drivers, etc.)
Today I saw an article that pointed out that small to mid sized businesses are under prepared for a security incident, and many have never had a simple security assessment performed, or know what they should do to reduce the likelihood of a security incident.
Article
Starting today Practical Information Security will be offering consultations for small businesses that want to get a handle on the security threats that matter to them, and need a straightforward approach of how to mitigate and remediate the security threats in their environment.
If you are interested in hearing more, contact me.
->Pierre
Today I saw an article that pointed out that small to mid sized businesses are under prepared for a security incident, and many have never had a simple security assessment performed, or know what they should do to reduce the likelihood of a security incident.
Article
Starting today Practical Information Security will be offering consultations for small businesses that want to get a handle on the security threats that matter to them, and need a straightforward approach of how to mitigate and remediate the security threats in their environment.
If you are interested in hearing more, contact me.
->Pierre
Comments