by David Notch, CISO, Castlelake L.P.
Cyber Security Summit 2022 Chair, Small Business Track

August 15, 2022

According to the U.S. Small Business Administration, small businesses (defined by the SBA as less than 500 employees) represent over 99% of the businesses in the U.S. and create 64% of new jobs. Cyber security has emerged as one of the biggest challenges for small and medium sized businesses. Unfortunately, too many businesses think they are not large enough to be a target. Nothing could be further from the truth. 

Attackers know that many smaller businesses haven’t committed the resources to sufficiently defend themselves and see them as easy targets. They use automated software to indiscriminately scan the Internet for vulnerable organizations, regardless of size, and then launch targeted attacks at their weakest points. 

The cyber threat has never been more real for small businesses. One study surveyed 2,700 businesses comprised of 100-1,000 employees with 33% of those businesses saying they were hit my ransomware in 2021 alone. 

The Small Business Summit is designed as an afternoon of complimentary resources designed to give business owners the knowledge they need to protect against ransomware, phishing and other types of attacks and how to respond and minimize the impact when an incident does happen. We will cover recent examples of such attacks and how you can better protect your business by using cost-effective (and sometimes free!) resources, including how to: 

·        Identify where you are most vulnerable 

·        Choose the appropriate technical safeguards 

·        Determine the role insurance coverage plays in your protection portfolio 

·        Ensure your managed service providers are taking the necessary steps to protect you 

·        Employ the best cyber practices to protect your company’s growth and operations 

This threat isn’t going away any time soon, so if you are a small to medium sized business, join us as we discuss how to better protect this vital part of the global economy. 

David has over 30 years of experience in the technology and security fields and currently serves as Chief Information Security Officer for Castlelake, L.P., an investment firm that specializes in complex, asset-rich and cash-flowing opportunities in undercapitalized or inefficient private markets using investment strategies in real assets, specialty finance and aviation.  As CISO for Castlelake, David leads the programs for cyber security, technology infrastructure, facilities and technology vendor management.