RSA Conference 2022: Infosec pros urged to help small firms, non-profits

Share post:

Infosec pros must help small businesses and non-profits boost their cybersecurity maturity to help bolster the overall security of enterprises and critical infrastructure, Cisco System executives told attendees at this year’s RSA Conference in San Francisco. “The weakest link in your supply chain can bring down the entirety of your ecosystem,” Jeetu Patel, Cisco’s executive vice-president of security and collaboration, warned at the start of the conference Monday. “We need security resilience, just like we need business resilience, because there’s a massive ripple effect” from a successful cyber attack. He noted that Wendy Nather, head of Cisco’s CISO advisory team, believes there is  a ‘security poverty line’ — a baseline minimum security posture that every company should maintain. Organizations that don’t have enough resources to maintain that level fall below the poverty line. But Cisco believes when a firm drops below that level, it not only endangers itself, it also endangers the organizations it partners with. “We want to make sure when this happens you don’t ignore the smaller companies, the not-for-profit companies that are participating,” Patel said, “because 60 per cent of small businesses that have a cyber attack go out of business in six months.”
Photo of Cisco Systems' Shailaja Shankar at RSA Conference 2022 San Francisco
Shailaja Shankar addresses RSA Conference 2022 San Francisco
Shailaja Shankar, senior vice-president of Cisco’s security business group, noted the 2020 ransomware attack against Blackbaud, which sells IT solutions to non-profits and charities, impacted over 1,000 organizations around the world. Non-profits are definitely critical infrastructure, she said, noting many help victims of violence, feed hungry people, and assist victims of natural disasters. Other small organizations also qualify as critical infrastructure, she added, such as small municipal water utilities. The U.S. Justice Department has charged a man with allegedly attempting to access a computer controlling the disinfectant levels of a water system, she added. Small firms and non-profits suffer from a lack of sufficient IT budget, lack of personnel with cybersecurity expertise, outdated software and hardware, and lack of influence in negotiating terms with cybersecurity vendors and suppliers, Shankar said. She urged conference attendees to think about how those deficits can lead to cybersecurity issues that could spread beyond the walls of those organizations. In March, Cisco announced a US$15 million grant to NetHope, a global consortium of over 60 nonprofits, to support their digitally-enabled programs. “We must stand together,” Shankar said. “This interconnected problem requires an interconnected approach to solving it. Shared risk calls for shared defences. As an industry we owe it to each other. I feel it is our civic duty to do this.” “If we don’t address the least prepared in the world, the most prepared will suffer,” Patel said. The post RSA Conference 2022: Infosec pros urged to help small firms, non-profits first appeared on IT World Canada.
Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

Featured Tech Jobs

SUBSCRIBE NOW

Related articles

The US government and Its Microsoft dependency: A cybersecurity dilemma

Microsoft's series of high-profile cybersecurity failures has once again spotlighted the complex relationship between the tech giant and...

Cyber Security Today, Week in Review for week ending Friday, April 12, 2024

This episode features a discussion on Microsoft's cybersecurity troubles, worries about open source, a warning about abusing IT help desks to launch attack

Cyber Security Today, April 12, 2024 – A warning to Sisense customers, a new tactic for spreading the Raspberry Robin worm, and more

A warning to Sisense customers, a new tactic for spreading the Raspberry Robin worm, and more. Welcome to Cyber Security Today. It’s Friday April 12th, 2024. I’m Howard Solomon. Organizations that use products from business analytics provider Sisense [SI-SENSE] are being told to reset user login credentials and digital keys. The warning comes from the

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways