The importance of cybersecurity for small businesses and merchants
Get Started with PCI ComplianceStart Here
Cyber criminals continue to threaten businesses of all sizes, but small and medium sized businesses (SMBs) often feel the pain of a data breach more acutely. With less staff, tighter budgets, and a significant need to maintain brand trust and identity, SMBs have good reason to make security a priority.
But, maintaining data security at an SMB is easier said than done. Employees may wear many hats, and understanding the principles and applications of basic security takes time. While they might be tasked with strengthening their organization’s data security environment, they are probably not data security experts.
Lack of security education is a major contributor to data breaches. For example, 73% of breaches investigated by SecurityMetrics were due to a lack of logging or log monitoring, which is a foundational data security principle.
In some cases, merchants may not even know which security mandates apply to them and could be facing serious, unknown security gaps.
A need for small merchant cybersecurity resources
There is a clear need for more organizational cybersecurity education, and our mission at SecurityMetrics is to help businesses close security and compliance gaps to avoid data breaches.
For these reasons, we created SecurityMetrics Academy.
We want to help as many merchants as we can understand the principles and foundations of the practices they should implement. Ultimately, we want to help them avoid the pain of a security compromise.
Academy is a free educational course designed for anyone who wants to learn about data security. It is meant to prepare users to take on data security challenges at their organizations by educating them in the areas of PCI DSS, HIPAA, GDPR, as well as in general data security basics and best practices.
SecurityMetrics Academy teaches foundational security principles
Academy contains videos, quizzes, and external resources on topics like security policies and encryption. Our intent is to help SMBs like franchisees, small merchants, and healthcare practices understand the importance of cybersecurity and address specific risks businesses may face.
The course is broken up into 5 sections:
Policies and Procedures
How to Properly Manage Sensitive Data
How to Respond to a Data Breach
Users can also sign up for the course as a whole, which includes all 5 sections as well as introduction videos.
Academy helps organizations close data security and compliance gaps
Students of Academy say that the course is “informative,” with “great information and recommendations.”
One user commented that it will “provide an excellent resource to my newly hired compliance-focused analyst.” Another feels it’s a “great introduction to the problem of creating awareness of the responsibility that businesses and workers have when handling data. Also a good place to start when considering breach response plans.”
SecurityMetrics CEO Brad Caldwell says, “We're excited to launch this type of free resource that businesses have never really had before. We created Academy to empower merchants. We want to help them understand their real security risks, as well as which compliance mandates they may need to adhere to. Once merchants have a foundational understanding of data security risk and compliance, they can keep coming back to Academy to easily access more information.”
If you have questions about PCI Compliance, PCI Audits, HIPAA Audits, GDPR, or general data security, contact us here.