IT Insight: Cybersecurity vulnerabilities and your business

Every organization faces cybersecurity risks and vulnerabilities daily – many completely invisible until you receive a ransom demand or learn that your data is for sale on the dark web. A thorough and comprehensive risk assessment will give you the insights you need to understand the threats you face and how you can overcome them with security measures that are relevant to your business.

With no limit to how much you can spend on cybersecurity, and plenty of people ready to sell you things you don’t necessarily need, a security risk assessment is an essential tool for directing your investment to where it is needed, based on your unique requirements and priorities.

Within your business, the technical landscape contains numerous network security threats. New vulnerabilities are discovered and exploited every day, endangering your company’s sensitive data. Many threats go unnoticed by business owners.

Your team and your customers depend on you as a trusted custodian of their confidential information. Failing to protect private information doesn’t just harm your reputation, it may put you in legal jeopardy as well.

For a growing number of industries, security is no longer a choice. Compliance may be a prerequisite to qualify for contracts. The NIST (National Institute of Standards and Technology) framework was created to give federal agencies and businesses of all sizes a structure to determine the appropriate mix of security practices to fit their specific threats, vulnerabilities, and risk tolerances. A third-party external vulnerability scan will examine your IT infrastructure and potential gaps. This will give complete visibility across your networks and all connected endpoints, including IT, IoT (“Internet of Things”) and BYOD (“Bring Your Own Device”) assets. This will help meet many of the compliance needs within your industry.

Based on your industry, there are various compliance requirements that your company needs or will need to meet, whether with vendors, clients, contractors, payments, etc.

The unique technological needs of healthcare dictate HIPAA (Health Insurance Portability and Accountability Act of 1996) compliance. For manufacturing organizations interested in obtaining DOD contracts, CMMC (Cybersecurity Maturity Model Certification) is necessary, which includes many security requirements that will impact your business working with the U.S. Department of Defense. DFARS (Defense Federal Acquisition Regulation Supplement) dictates additional security compliance recommendations. And for any businesses utilizing credit cards, PCI (Payment Card Industry) Security Standards dictate processes to protect customer information and personal data.

A proper Risk Assessment offers an overview of your current network security and the risks that exist within. A Managed Service Provider or IT Security Specialist should provide you with information and recommendations on how to best attack these threats, so you can better protect your data.

It’s important to work with experienced security professionals with the knowledge and skills needed to address multiple layers of risk to your company’s computer network security. This should involve an overview of your business’s cyber security threats as well as recommendations for solutions.

You should look for an in-depth overview of your network security and the objectives for mitigating the issues within it. Your security assessment should include an explanation of the tools that will be used to gather information and discover vulnerabilities. These tools highlight weak spots but should have no negative effects on your network. The report should include what the security assessment will examine and the data that it will collect. This overview of your network’s current state gives you a clear picture of where you may be experiencing security problems that require swift attention.

Every business should have comprehensive knowledge of the security needs within its network. A robust assessment process, designed to provide your business with the information needed for network security, is the foremost route to safety and compliance within your network. It should include findings and recommendations on how to resolve any detected security vulnerabilities, and it should address your Business Continuity and RTO (Recovery Time Objective) should a breach occur.

Stay one step ahead of network vulnerabilities. Defeat cyber-attacks with a risk assessment for your business network today.

JoAnn Hodgdon is vice president and co-founder of Portsmouth Computer Group (PCGiT) with her husband David. For 25 years, PCGiT has provided comprehensive managed IT services, business continuity, security, cloud computing and strategic vCIO services to their clients. You may reach her at or through