North Carolina’s likelihood of recovering from a cyber-attack is low, according to a study released by go.Verizon.com, which put North Carolina 39th out of the 50 states with a C grade. (WNCT).  

 

“Cyberattacks are a potential risk for any business and it has never been more important to keep your business safe online. With ransomware breaches increasing by nearly 500% between 2018 and 2020, small and medium businesses can face devastating losses when they don’t secure their data.” (go.Verizon.com).  

 

According to the study, there are 939 small businesses per 10,000 people and the percent of all business bankruptcies is 14.67 percent. This lack of success in recovering from cyber-attacks is not surprising considering the high demand for cyber-security professionals. 

 

“According to CyberSeek, there are more than 17,000 open cybersecurity jobs in North Carolina. A majority of them can be found in Charlotte, Durham and Raleigh.” (Spectrum News). 

 

With a lack of cyber-security professionals filling these positions, the problem is likely to worsen rather than improve as time goes on. This is why it is important to promote and encourage cyber-security education and training in North Carolina. With education and training, interest in cyber-security careers increases and jobs can be filled more rapidly. The problem with success following a cyber-attack for businesses would subside following the hiring of more cyber-security professionals in the vacant positions in the state.  

 

Another positive influence on the future of cyber-security for the state of North Carolina is influential legislation, such as a $25.7 million budget signed in by Governor Cooper on Nov. 16 which includes a cyber-security provision “buried more than 500 pages into the bill that will have a major impact on public entities of all sorts in North Carolina.” (The National Law Review). The provision bans state agencies or local government entities from paying or communicating with threat actors in the event of a ransomware attack.  

 

“However, under the law, as presented in the North Carolina budget, no state agencies or local government entities would be allowed to pay the ransom to restore access to their systems. And it's not just departments, cities, and towns that the law covers. The law defines "state agency" to include all agencies, departments, institutions, boards, commissions, committees, divisions, bureaus, officers, officials, and other entities of the executive, legislative, or judicial branches, as well as including the University of North Carolina System and any other entity over which the state government has oversight responsibility. What is more, "local government entity" would include local political subdivisions of North Carolina, including, but not limited to, cities, counties, local school districts, and community colleges.” (The National Law Review).  

 

This piece of legislation could have an impact on the state’s level of small business recovery in the event of a cyber-attack, therefore improving the state’s ranking in the country for recovery following a cyber-attack. However, there are also negative effects. 

 

“This means that whether your organization is a department of state government, a city, a school board, a community college, a county courthouse, or any other state or local government body or subdivision in North Carolina, the option of paying a ransom for your data in the unfortunate event that an attack like this occurs will be taken off the table on the day this budget gets signed. That makes prevention of these cybersecurity incidents and preparation for how to respond when they do occur even more important for public entities in North Carolina.” (The National Law Review).  

 

There are a multitude of ways North Carolina businesses can prepare for and prevent cyber-attacks. 

 

“For example, having incident response plans and operational continuity plans are proven ways to reduce the impact of ransomware attacks and data security incidents of all kinds. Engaging in a data mapping exercise will improve an organization's understanding of their cybersecurity posture and allow expert analysis to craft strategies for minimizing harm. Training an organization's employees will empower them to spot suspicious activity before it begins.” (National Law Review).  

 

Have any questions about cyber-security? Responsive Technology Partners is the leading cyber-security expert in the Raleigh, NC area. Service offerings include I.T. support, cyber-security and compliance, telephony, cloud services, cabling, access control, and camera systems. Our company’s mission is to provide world-class customer service through industry leading I.T. solutions that make every customer feel as if they are our only customer. Please visit our website to learn more: https://www.responsivetechnologypartners.com/. 

 

 

 

 

 

 

 

Sources: 

NCT. https://www.wnct.com/news/north-carolina/nc-ranks-near-the-bottom-in-cybersecurity-study/ 

Go.Verizon.com. https://go.verizon.com/resources/smb-cyberattack-bankruptcies/ 

Spectrum News. https://spectrumlocalnews.com/nc/charlotte/news/2021/06/14/cybersecurity-job-demand-booming-in-north-carolina 

Cyber Seek. https://www.cyberseek.org/heatmap.html 

National Law Review. https://www.natlawreview.com/article/extortion-economy-north-carolina-s-new-legislation-to-counter-ransomware