We understand the specialized markets in which you operate and provide tailored solutions to meet your unique business needs.
Our comprehensive suite of business services combines industry expertise, market knowledge and professional insights.
MNP is a leading national accounting, tax and business consulting firm in Canada.
Suite 2000, 330 5th Ave. S.W.
MNP careers are Different by Design. As an entrepreneurial firm, we truly believe there are no limits to where your career can go.
While the number of cyber security attacks grows every day, too many businesses have adopted a potentially dangerous attitude that cyber attacks only happen to large companies. Companies that are too small to employ full security teams may take comfort in having tools in place such as firewalls and anti-virus software; however, as attacks become more sophisticated, the current slate of preventative measures may not be enough to keep them safe.
According to a survey conducted by Ipsos Reid on behalf of MNP, half of Canadian businesses either suspect or know for certain that their business has experienced fraud or scams in the last year. Despite new headlines filled with stories of businesses that have experienced an attack, 80 to 90 percent of the respondents are under the illusion they could put a stop to the fraud if it happened to them.
On the opposite end of the spectrum, businesses run the risk of becoming overwhelmed by the barrage of bad news and undertake an equally misguided attempt to implement protection against every known threat in the cyberworld.
Instead of chasing every possible threat or simply ignoring the problem, businesses need to take a pragmatic approach by setting priorities and developing plans that will provide the greatest protection against the most likely risks.
Before deciding what security tools and protocols are needed, businesses need to step back to analyze their position and understand their current state. A cyber health check will help inventory assets, understand vulnerabilities, and anticipate the greatest threats.
A comprehensive inventory will incorporate the assets that need protection; including any information, technology, systems and data that could cause damage if it were stolen or compromised. By developing a risk-based view of these assets, companies can ascertain how the material is stored, who has access to it, how it could be lost or stolen, and the risk to the company if it is lost or stolen.
Capturing a snapshot of devices, systems and software programs will help identify any unauthorized changes. Without knowing how many devices or types of software are authorized to be on a system, it may be impossible to notice if a cyber criminal adds a piece of equipment or malicious software.
A current list of security controls will identify the protection already have in place. Instead of taking on the impossible task of safeguarding against every possible attack, companies can focus on the most common threats affecting their industries or businesses of the same size.
By assessing vulnerabilities and the most likely threats to business, companies can identify the areas where it makes the most sense to invest time, money and resources.
The Center for Internet Security has developed a
20-step security framework that can help any business build an effective security framework. Simply
implementing the top five strategies could reduce security risk by 85 percent:
Adding simple monitoring and controls to high-risk areas can also have a significant impact. If intellectual is stored on system files and folders, software can be used to monitor the copying or downloading documents. Monitoring can also be easily added to databases and web infrastructure.
Building a security plan based on actual priorities puts businesses in a strong position if an attack strikes. It’s not sufficient to assume that small companies are safe from attack. Unfortunately, small businesses are often targeted because they don’t often don’t have the resources to invest in adequate protection or planning.
Tomorrow’s technology is shaping business today. For help identifying where you should be setting your cyber security priorities, contact Danny Timmins, National Cyber Security Leader, at 905.607.9777 or
Related Topics:Cyber Security
Find an office near me