Page 3 - Upper Peninsula Business Today -- May 2019
P. 3

Cybersecurity: Women in Business & Higher Education
The author will be writing a monthly article throughout 2019 on Cybersecurity across various mar- ket segments. Be sure to watch for it to see how your business may benefit from this important information. Good reading and see you next month.
For this article, the author has interviewed three women in different market sectors; an online retail business, a technical drafting service, and a senior instructor in higher education.
Cyber attackers who target small business have dif- ferent motivations; some try to get valuable financial or technical data, while others are purely malicious and just want to create chaos. In some cases, malicious attacks can be more complicated to mitigate as they can damage the valued reputation of a business. As chal- lenging as it is to alleviate the loss of technical or finan- cial data, diminishing the damage to a business’ repu- tation can be much more difficult to resolve.
Bobbi Bicigo, owner of Protea Floral Designs (Pro- tea) in Hancock, conducts most of her business online through Facebook and Instagram. Because the major- ity of her advertising and networking is done on social media, malicious attacks are a reality. Bobbi believes she has stopped at least one malicious attack on Protea’s reputation because of her consistent communication with her audience. “I try to stay vigilant about moni- toring my social media accounts for any suspicious
activity as they are the direct avenues to my customers,” she said. “I have been fortunate that my customer base likes to stay in touch with me and with each other; this makes it easier for me to spot and to call out a malicious intruder”. Bobbi has taken steps to protect customer payment information by only accepting PayPal for online sales. In order to protect Protea’s invaluable rep- utation, however, she
must remain vigilant about what is happening on her social media site at all times.
Dorothy Ruohonen,
owner of Hawk Tech-
nologies (Hawk) in
Houghton, is quite famil-
iar with cybersecurity as it
has become an important part of her daily operations. Because the Department of Defense (DoD) is one of their clients, Hawk has had to perform the NIST SP 800-171 requirement to keep existing contracts and to vie for new ones. Dorothy was willing to step up and tackle the regulation as soon as she became aware of it. “It is a pretty big project to take on for a small busi- ness”, Dorothy said. “We knew we had to comply with the regulation to keep our company moving in the right direction. We did our homework to ensure that we understood what our level of response should be
and to find the most cost-effective way to comply”. After completing the compliance process, Hawk saw an opportunity to diversify and to offer this essential service to other small businesses. “We realized that, although ‘cybersecurity’ encompasses many operations within a business, the specific requirement of perform- ing NIST SP 800-171 is an actionable item that applies
up and down the sup- ply chain to those doing business with the DoD. We already had the internal capa- bility to accomplish this for ourselves; why not offer our experi- ence in this area to other businesses?”
Sheila Milligan, a senior lecturer in Accounting at the School of Business and Economics with Michigan Technological University (MTU), has a deep under- standing of cyber risk management. With a Master of Accounting and a specialty in Forensic Accounting, Sheila understands the risks that financial institutions face from cyber attackers looking to steal valuable financial data. As an educator, she has witnessed the changes in educating and training accountants. Stu- dents are being taught how to protect theft of intangi- ble information because accountants entering the busi-
ness world must possess advanced analytics skills along with a standard level of accounting knowledge. Data analytics are utilized to help businesses uncover valu- able insights within their financials, identify process improvements that can increase efficiency, and better manage risk. “As accountants, we are the sheriffs of the business world,” Sheila said. “One person committing fraud causes ninety-nine others to spend resources on fraud mitigation. If our industry does not self-regulate, the government will take over compliance and over- sight; which will result in added expense and inefficien- cy.”
Because cyber risks are so prevalent these days, busi- ness owners and stakeholders must get involved to ensure that appropriate mitigation strategies are in place. We all know the first step to treating addiction is admitting there is a problem. Similarly, the first step toward cybersecurity is acknowledging that you are at risk.
A. Elisabeth Tolsdorf is author of this article and the Director of NIST SP 800-171 Compliance for Hawk Technologies, a woman-owned firm located in Houghton, Michigan. Hawk is the Upper Midwest’s primary source for NIST SP 800-171 Compliance services. Additional information about NIST SP 800- 171 and Hawk’s CAD services capabilities can be found at
Cyber attackers who target small business have
different motivations

   1   2   3   4   5