In today’s business world, there is a partner for everything: process your payroll, track your employee’s benefits, create your advertising campaigns, etc. For centuries, professional services companies have been there to do things so you don’t have to; to be the expert in the room, at the right moment, to help your business grow.
It is a dynamic relationship that has changed a lot this century: direct deposit replacing paper checks, online portals eliminating paper waste, ad campaigns pitched over Zoom, etc. The upside is that things move a lot faster now, but the downside is that a lot about your company secrets now reside in someone else’s systems. Everything from former employees’ Personally Identifiable Information (PII) to discarded market strategies. It’s outside of your control, but not outside of your responsibility.
I was reminded of this when I read about a recent ransomware attack on a UK marketing services firm. Imagine what happened to the record label happening to you: it’s your partner’s work product, but it’s your brand that is encrypted and held for ransom. It’s your prominent marketing campaign that is delayed, or, worst-case scenario, must be scrapped because the media files are locked away by some outside threat actor that will never give you the keys.
Our advice? Make time to have candid conversations with your partners. Ask them to explain their cybersecurity posture. When was the last time they had a SOC2 or IT General Controls audit? Do they have cyber insurance, and will it cover the business loss you incur? If they process data on your behalf (payroll data, marketing data, etc.), are they adhering to government regulations to protect your assets in their systems? Can they convey how they handle incident response management in the unfortunate event of a breach?
If you own a professional services company and sit on the other side of the proverbial table, ask yourself: are you satisfied with your answers to all these questions? Will your clients be satisfied or scared? What will just one successful cyberattack do to your reputation in the business community? Can you survive the client loss that comes with a damaged reputation? Can you survive the downtime while your critical systems are offline for repair?
Our experts at CyberFort Advisors have decades of experience helping companies improve their cybersecurity posture and becoming better partners with their clients. We harden your defenses, train your employees, and identify threats before they blow up your business. We can create a custom plan unique to your business needs. Contact us at 1 (866) 221-4004 or [email protected] to learn more.