Cyber Risk Management for Small Businesses

Rob HegedusCarrying the message of cyber risk management for small businesses at the National Governors Association cybersecurity roundtable

Our CEO, Rob Hegedus, and EVP, Heather Engel, were recently invited to Washington D.C. for a cybersecurity National Governors Association roundtable discussion with Virginia Gov. Terry McAuliffe, where we made the case for cyber risk management for small businesses.

Hegedus and Engel joined McAuliffe at the fourth roundtable of his 2016-17 National Governors Association (NGA) chair’s initiative called “Meet the Threat: States Confront the Cyber Challenge.”

Hosted by the Northern Virginia Chamber of Commerce in Tysons Corner, Virginia, the session included representatives from the federal government and small business. Discussions centered around identifying critical challenges to protecting the cyber environment, potential solutions for addressing them and promoting and highlighting existing resources for small businesses.

According to a McAuliffe press release, Meet the Threat “places states at the center of finding solutions to the increasingly sophisticated cyber threats facing the nation. The initiative’s primary goal is for states to develop strategies for strengthening cybersecurity practices as they relate to state IT networks, health care, education, public safety, energy, transportation, critical infrastructure, economic development and the workforce.”

Here at Sera-Brynn, ranked no. 1 in Virginia, no. 7 in the U.S. and no. 10 in the world of the hottest and most innovative cybersecurity firms by Cybersecurity Ventures, we advocate a strategy that applies to businesses at all levels: Compliance; Insurance; Response.

Heather EngelYet due to limited resource availability, we think small businesses will have to rely more heavily on the insurance leg of that stool. Hegedus made the case at the roundtable for small businesses using their insurance provider to help transfer their cyber liability risk.

McAuliffe announced that enhancing cybersecurity operations at the state level is essential to fulfilling every governor’s responsibility to protect families and businesses from cyber threats, which is why he has made the issue his top priority as chairman of the National Governors Association.

He added that he is introducing legislation that makes acts of computer trespass using intentionally deceptive means a Class 1 misdemeanor. He is also introducing legislation that requires employers and payroll service companies to notify the Virginia Department of Taxation when the security of their payroll system has been breached.

“Both bills will decrease the significant financial harm that small businesses face due to criminal activity and extend Virginia’s position as a leader in the fight against cyber crime,” McAuliffe said.

Roundtable participants also focused on “early education” to create the next workforce of cybersecurity specialists to help fill an ever-increasing gap in qualified candidates for open positions. McAuliffe pointed out that Virginia has 17,000 unfilled cybersecurity jobs with an annual salary of $88,000.