Many compliance-driven organizations are required to go through a technology vulnerability and risk assessment, however it is becoming ever more apparent in light of the WannaCry Ransomware that every organization is vulnerable to threats and attacks.  In fact, the US National Cyber Security Alliance reports that of the small to medium-sized businesses that are affected by a cyber-attack, 60% of them will close their doors within 6 months, largely due to the cost of downtime and recovery.  Security Magazine reports that the average small to medium business data breach costs somewhere between $36,000-$50,000 to recover from.  This is not an easy check to write for most businesses out there.

So, what can you as a business owner do?  While you can never be 100% vulnerability-free, there are several things that you can do to reduce the technology threat to your business.  Here are a few good ways to start:

  • Understand what needs protection.  Know the importance of the information you have and level of security that is needed. Today’s encryption technologies for example, go a long way to ensuring that your information is protected in case of lost or stolen computers and hard drives.
  • Enable password complexity.  Strong, unique, and complex passwords and are great things to mandate across any organization.
  • Deploy advanced security services. While anti-virus is an absolute must, additional services such as OpenDNS can help protect your employees from accessing unwanted web traffic on the internet. These services also protect from zero-day attacks and ransomware attacks.
  • Have a Business Continuity Plan in place. Simply having a backup of your data is not enough. A Business Continuity Plan will ensure that your backups are tested regularly, reduce downtime if there is failure, and ensure that you have a plan in place to restore.
  • Education. The number one vulnerability in any organization is their employees.  Ensure that you provide the resources needed for everyone in your company to regularly educate themselves on the latest threats in the workplace.
  • Conduct a Risk Assessment. Knowing where you are the most vulnerable will begin to help you build a roadmap and forecast budgeting for today’s issues and future technology needs.  A professional risk assessment provides you with comprehensive list of vulnerabilities, threats, and opportunities for remediation that are not so apparent to the untrained eye.


Written by Matt Fraser, the Director of Business Development at Epsilon, Inc, a Managed Services Provider based in NC.  Epsilon provides the best of breed products and services including its 24×7 Solutions Center Help Desk Support, its SAVE Hybrid Cloud Technologies, Network & Security Assessments, Compliance-Based Risk Assessments, and project-based engineering services.  To find out more about Epsilon, please visit us at