Don't wait! Request Harbor's free Level 1 CMMC Self-Assessment
What is CMMC? The Cybersecurity Maturity Model Certification (CMMC) is a cybersecurity standard that any organization that provides products or services to the US Department of Defense is required to meet. There are five levels of CMMC certification that reflect an organization’s increasing maturity and ability to safeguard sensitive government information.
Why Now? The DoD has begun to roll out CMMC, which requires contractors to achieve certification by passing a third-party audit conducted by a certified third-party assessment organization (C3PAO).
Harbor is offering a free CMMC Level 1 Self-Assessment to gauge your organization’s readiness for compliance and eventual certification. CMMC Level 1 is the most basic CMMC level and requires your organization to demonstrate basic cyber hygiene, as defined in 48 CFR 52.204-21.
Cyber threats are growing rapidly with no signs of slowing down
43% of All Breaches Target SMBs
Verizon’s most recent Data Breach Investigation Report shows that almost half of all breaches occurred at small businesses. This statistic speaks for itself and doesn’t require more of an explanation.
SMBs Experience 8+ Hours of Downtime During a Breach
Cisco’s 2018 Security Capabilities Benchmark Study shows that 40% of mid-market companies with 250-499 employees experienced eight hours or more of system downtime due to a security breach in the past year.
54% of SMBs Believe Their Companies are “Too Small” to Be Ransomware Targets
The Keeper Security/Ponemon Institute SMB report shows that some SMBs think that their organizations are too small to be attractive targets for cybercriminals.
83% of SMBs Lack Resources to Deal with the Repercussions of a Cyber-Attack
InsuranceBee’s Cyber Survey of more than 1,300 SMB owners shows that more than 80% of businesses lack the money they would need to recover from a cyber-attack or data breach.
Cyber Attacks Due to Weak or Stolen Employee Passwords Average $383,365
Did you know that the average cost of cyber-attacks that result from compromised employee passwords is $383,365? This is one of the findings of the Keeper Security/Ponemon Institute SMB report.
60% of SMBs Cite Employee Negligence as Cause of Data Breaches
The Keeper Security/Ponemon Institute’s small and medium size businesses report shows the number of SMBs reporting negligent employees as the cause of data breaches increased to 60% in 2018 — whereas external threats (hackers) were reported as 37% of the causes.
62% of SMBs Lack the In-House Skills to Handle Cyber Security
Continuum’s 2019 small business cyber security report shares that nearly two-thirds of SMBs say they don’t have the employees to handle cyber security functions, and 56% report that they don’t have any cyber security experts within their ranks.
68% of Small Businesses Don’t Have Disaster Recovery in Mind
Nationwide reports that more than two-thirds of small business owners don’t have a disaster recovery (DR) plan in place. Additionally, the report shows that 71% of small business owners choose not to buy business interruption insurance.
Cybersecurity as a Business Enabler
Once seen as a business blocker, cybersecurity is now being reframed as a significant business enabler to support agility, innovation and growth as well as being a competitive differentiator.
Business leaders need to ask themselves and their management teams the following questions:
- What is our exposure to cybersecurity risks?
- What are we doing to reduce security risks?
- What is the business impact of our security efforts?