Halloween is a time for monsters, haunted houses, and other things that go bump in the night; a time to indulge our fears for the rush of adrenaline that comes along with a good scare. Then we wake up the next day to the real horror. Home Depot, New York Times, Target, Heartbleed, Shellshock…the cyber-attacks keep coming. But what’s the worst fear for small IT businesses? They are a target of these evil intrusions as well. As a matter of fact, 63% of SMBs reported an attack from outside their systems in 2013 (PWC Information Security Breaches). While the larger retailers are a treasure trove for hackers, and individual passwords can lead to identity theft, many SMBs still believe they are too small to get noticed. And that’s one major reason why they are so vulnerable.

So what can you do? Throw your hands up and accept this level of risk as part of doing business? How about get engaged with your global IT industry association? Data security is too important to leave to chance. You need to know you’re doing the right thing and instead of paying thousands of dollars for the latest research studies or chasing one solution after another, you should instead leverage the work done by CompTIA.

Education, research briefs, networking, and security assessments are just a few of the tools available for CompTIA members to help navigate the world of data protection, breach laws, and compliance regulation. High quality resources designed to answer the questions you have. CompTIA’s IT Security Community provides guidance through the State-by-State Data Breach Notification Laws and the newly released Security Wizard. The Breach Notification lays out the requirements for your own state, as well as states you do business within. The Security Wizard can help you talk your clients through the importance of security and get a picture of their security posture. For your own business, education such as Tackling Cloud Security Concerns or the Executive Certificate in Security Foundations will help your leadership team understand the challenges to be met. CompTIA’s 11^th Annual Information Security Trends research study lays out vulnerabilities and provides recommendations to lessen your exposed risk.

But if you really want to guard your business against attack, the CompTIA Security Trustmark+ is your silver bullet. Recently updated to reflect the 2014 National Institute of Standards and Technology (NIST) Cybersecurity Framework, the Security Trustmark+ provides a clear path to regulatory compliance and intelligent business practices as related to data security. By walking you through the 5 core tenets of security (Identify, Protect, Detect, Respond, Recover), this program is designed to establish vital procedures and protections for you and your clients. A 3^rd party assessment of your adherence to the framework provides you assurance beyond your own evaluation. Whether you are looking to ensure you’re doing the right thing, looking to offer security as a service, or are operating in a regulated industry, the CompTIA Security Trustmark+ is a cost-effective and thorough way to achieve your goal.

To learn more about membership in CompTIA, please visit http://www.comptia.org/register. You can also read more about the CompTIA Security Trustmark+ program by downloading the Quick Start Guide and FAQs. CompTIA is also available to answer your questions at Trustmark@comptia.org. And if you are ready to get started today, head over to the application page to dive in!

Data security is only going to get tougher. The monsters out there are more sophisticated than ever. Arm yourself with the resources available to you through CompTIA and fight back.

Miles Jobgen is the Senior Manager of Trustmark Programs at CompTIA

Want to hear more from CompTIA?