Forums: Discussions for entrepreneurs and small business.

My (future) company will be selling information security consulting services targeting small and medium sized businesses. With the integration of technology into almost any business the risk of a security breach for any business is very real.

I`m trying to figure out two things.

1. How can I create awareness around these real security issues that can affect any business without sounding like a fear monger so that I can help generate business

Current ideas include:
Starting a security users group to get like minded people who enjoy security together in the community.

Providing low cost basic seminars for consumers through the local community education program....

2. What is the proper etiquette for pounding the pavement to find out the owners of different businesses in different industries around my area and then try to get meetings to talk to them about their perception of security so that I can know more about my target market?

Bonus points: Is securing your information from disaster (be it targeting like a hacker, incidental by something such as a worm or virus, or accidental, somebody accidentally deleting critical financial files) something you think about at your business?

Y`know, I was brought up short not so long ago, when I was talking with an IT guy in a company I did some work for. We were out having a smoke, talking about the security issues of the network, and he was involved in developing a more ogranized structure for this growing company.

I casually mentioned pretty much the same question as you`ve said above, almost as a rhetorical thought. I`d said that I wondered why so many people still got trojans and viruses, and didn`t do anything about it.

He (just as casually) phrased the answer in such an obvious way, I kind of was stopped in my tracks. He likened computer security to HIV, and pointed out that by now, everyone in any developed country is fully aware of the potential problems of infection. They`re fully aware of the catastrophic results of contracting HIV and AIDS.

Then he pointed out that it`s almost human nature in today`s world to believe that although everyone else may have a problem, each of us personally is "exempt." :-)

I don`t think you have "two problems" to contend with. The first isn`t a problem. NOBODY is running a business using computer information, who isn`t totally and fundamentally aware of security issues! It`s only a matter of being unaware of THEIR particular security problems.

So that leaves the second, and perhaps you might offer a "Security Audit" as a free sample kind of thing?

Thanks again Craig, your answers are always insiteful and cause me to look at my situation from an alternative angle. It is much appreciated!