What Small Business & Non-Profit Leaders Need to Know about Cyber Security & IT in 2024

Navigating IT and Cybersecurity Challenges for Small Businesses and Nonprofits

Introduction: The Evolving Cybersecurity Landscape

In a detailed conversation, Nolan Garrett, with 17 years of experience in cybersecurity consulting, shared his insights on the unique IT and cybersecurity challenges faced by small businesses and nonprofits in the post-COVID era. Garrett's extensive background includes aiding a range of organizations, from small credit unions to large hedge funds.

Escalation of Small Business Cybersecurity & IT Threats in the Post-COVID Era

Garrett noted a significant increase in cyber threats, particularly for smaller entities.

"We're seeing more breaches and maybe even vendor-related or supplier-related breaches that impact the business," he remarked.

This trend represents a heightened threat to the operational security of these organizations, making them more susceptible to severe cyberattacks.

The Dire Consequences of Cyber Breaches

Garrett emphasized the grave impact of cyber breaches, revealing, "60% of small businesses and nonprofits end up closing their doors within six months of a breach." This statistic highlights the critical nature of cybersecurity threats and their potential to jeopardize the survival of unprepared organizations.

Strategic Approaches to Small Business IT and Cyber Security

Importance of Contractual Vigilance

For small businesses engaging an IT and cybersecurity provider, he advises, "Start with a one-year contract, evaluate them, see how it's going, and decide whether or not they really are the right fit for you in the long term." This approach allows for a thorough assessment of a provider's performance before committing to longer terms.

Real-Time Monitoring and Tools

Mitigating cybersecurity risk depends heavily on real-time monitoring. Providers like Microsoft offer tools such as Sentinel for logging and event correlation across various endpoints and cloud assets.

Understanding Cloud Security Responsibilities

The shared service delivery model in cloud computing is critical to understand. Garrett explains that providers are responsible for security only up to a certain point, beyond which it becomes the customer's responsibility.

Evaluating Service Providers

When selecting service providers, Garrett suggests focusing on certifications like CISSP and CISM, adherence to industry-standard frameworks, and an understanding of the distinction between IT and security operations.

Final Thoughts: Strengthening IT & Cybersecurity in Small Businesses

The insights from Nolan Garrett are not just a wake-up call but also a strategic guide for small businesses and nonprofits. By understanding the heightened risks, especially post-COVID, and adopting a strategic approach to prevention, monitoring, and provider evaluation, these organizations can strengthen their defenses against ever-evolving cyber threats.

For further information and resources, visit
