Why Canadian SMEs should embrace security systems integration
Entrepreneurs are rarely eager to discuss security.
That’s a fact that I’ve learned over more than 25 years in this industry. The reason is that security measures—from on-premises guards to cameras to network security software—come at a (sometimes steep) cost. Talk of security also distracts them from what they love to do: innovating, making sales, developing new product or service lines, growing their business.
Discussions over security remind them of what could—and all too often does—go wrong. From break-ins to data breaches, Canadian small and medium-sized businesses are more vulnerable than ever. While simple smash-and-grab robberies are still one of the most obvious vulnerabilities for any organization, CEOs increasingly have to contend with threats such as malware or ransomware attacks.
According to Statistics Canada data released last year, in 2017 Canadian businesses spent $14 billion to prevent or recover from cyber security issues, with medium-sized businesses spending an average of $113,000 a year on cybersecurity. Twenty-one per cent of Canadian businesses had their operations impacted by a cybersecurity incident that year, with 23 per cent experiencing attacks meant to steal personal or financial information. More than half said these incidents impacted business productivity or service delivery and led to significant downtime.
The problem has become so bad that the Association of Municipalities of Ontario—an organization that represents towns and cities across the province—recently called on Queen’s Park and the federal government to help them combat ransomware attacks. If government is that vulnerable, imagine the average cash-strapped SME that needs to focus every available dollar of free cash flow on operations and other costs.
Although it’s not surprising that critical investments in security often fall by the wayside, now is the time for entrepreneurs to change their approach.
To continue innovating as business owners, we need to leverage the latest technology tools to protect our businesses from avoidable security risk. That doesn’t necessarily mean eschewing traditional approaches to security. Sometimes a good lock on a door, glass break alarms and an alert security guard are still the right combinations to keep your organization and its people safe.
A better approach is to look at security holistically and embrace a concept known across our industry as systems integration. That means looking at your security requirements as a whole and building a protective infrastructure that takes all potential vulnerabilities into account.
An app development firm, for example, might have an office with little in it except for desks, chairs and a few computer monitors (and maybe not even that if employees take their laptops home at night). Their physical location might be protected by a good security system and decent CCTV cameras. But their cybersecurity needs will be far more complex, requiring the use of VPN technology for employees who work away from the office, for example, and advanced measures to protect data both to guard against breaches and to demonstrate security competence to weary clients.
Alternatively, if you’re a small to medium-sized manufacturer producing complex technology for governments around the world, your strategy for ensuring the security of your physical assets will be just as robust as the plan to guard your digital ones.
Systems integration is a framework that requires a thorough risk analysis that assesses both internal and external threat levels—because the unfortunate reality is that many thefts, and even some forms of vandalism, are often perpetrated by employees—surveys all of the available technology across the marketplace, selects the right solutions for your business model and promotes collaboration with a security firm that both understands, and is prepared to adequately service, your needs. Most importantly, it requires organizations to develop a coherent security strategy that they should be ready to update at least annually as their business evolves and risk exposures shift.
Think of systems integration as a company-wide process and effort that is continuous. Employees at all levels should be involved and have your organization’s security—both physical and digital—on their minds at all times. When it’s deployed properly, a comprehensive systems integration plan will reduce overhead, improve efficiencies, mitigate risk and boost your bottom line.
Those are benefits that any CEO should be willing to discuss.
By Winston Stewart, President, and CEO, Wincon Security
Winston Stewart is the President and CEO of Wincon Security, a Scarborough, Ont.-based security firm that has delivered property monitoring and protective services to retail, commercial, industrial and condominium clients across the Greater Toronto Area for more than 25 years.