“The most expensive thing in the world is trust. It can take years to earn and just a matter of seconds to lose.”– Unknown
Banks, venture capitalists, and perspective buyers are increasingly adding a new criterion to their investment audit: cyber risk. Reflect on whether your business is ready to do cyber-battle today, and the cost if it’s not ready.
When we make a mistake in business, it’s natural for others to notice. It’s also natural for them to question your business acumen when such mistakes are made. Some mistakes, inevitably, are bigger than others. Some are so big that people outside your organization notice. One such rising mistake most often noticed is when businesses around the world are victimized by cybercrime.
Cybercrime, as I’ve detailed in other articles, is a panoply of digital wizardry, conducted by elusive criminals operating in the dark web. Like a group of rebels, they perform guerilla warfare, conducting hit and run tactics, striking fast and hard, and disappearing in an instant. Also, similar to the fallout in guerilla warfare, the public perception of blame often lies in the organization or institution attacked. Questions arise such as:
- “Why aren’t your defenses stronger?”
- “How could you let this happen?”
- “What are you going to do so this doesn’t happen again?”
As if the underdog principle applies, you’re left to pick up the broken pieces with no finger to point.
Of course, in the business world, these questions don’t come from concerned citizens. Rather, they come from employees, shareholders, partners, and your board of directors. They also come from an increasingly more vigilant and hyperaware group: investors.
In many ways, this can be incredibly frustrating. A business that, for all intents and purposes, has maintained good books, high customer satisfaction, and taken care of its employees receives a large black eye that in some cases can leave you blind and crippled, ruining a potential deal, buyout, or investment block.
Since cybercrime has exploded in the past five years, banks, angel investors, lenders, venture capitalists, and potential buyers are taking a closer look at the businesses that they give their money to and what their cyber risk exposure looks like. They incorporate ESG tools and assessment criteria to test your cyber security parlance and practice. The equation is simple: If you fail, you don’t get their money and support.
This reality is further heightened by rumors that the U.S. government is in the works to pass a federal data and privacy security law, similar to the ones already passed in California and the EU. While such laws mostly apply to data harvesting companies, there are greater ramifications for anyone who is affected by cyber-crime. The general message being, ‘It’s the 21st century, we live in a digital age, and there are digital thieves. Take appropriate steps to protect yourselves and your customers or you’ll face fines.” With this possibility on the horizon, no bank, buyer, or investor will touch your business if there is even a hint that your company is unprepared for a cyber-attack.
The good news is that there are countless effective measures to prevent your business from succumbing to cyber-attack. Look for a company that will perform stress and penetration tests to give you the bulletproof security blanket you need, whether to impress investors and bankers, or just stop the next ransomware attack that is sure to come your way and keep the trust you have so diligently earned of those in your community.
As I’ve mentioned, taking these extra steps is in the best interest of everyone involved and your greater circle of influence. It simply can’t be overlooked.
Mehul J. Davé is CEO and chairman of Entelechy Global Inc., and chairman of Linkage Technologies Inc.