Network Security

Cyber Security Risks for Businesses Who Do Not Have a Lot of Income.

Cybersecurity essentials for small businesses

Cybersecurity is one phrase that can instill everything from boredom to fear into the hearts of the people who hear it.

In reality, small business cybersecurity can be a life-or-death concept. The wrong security breach at the wrong time can put a company out of business.

“The U.S National Cyber Security Alliance found that 60 percent of small companies are unable to sustain their businesses over six months after a cyber attack.” – Denver Post

The primary reason is that cleaning up the mess of a cyberattack is expensive.

“According to the Ponemon Institute, the average price for small businesses to clean up after their businesses have been hacked stands at $690,000; and, for middle market companies, it’s over $1 million.” – Denver Post

It can seem a bit like Henny Penny running around screaming that the sky is falling, but if even a low-level attack can cost you $1 million to clean up, it’s a good idea to buy an umbrella.

Dangers of not taking security seriously

Aside from the cost of cleanup, there are other reasons that lax cybersecurity can be costly to your organization:

  • Damage to reputation (such as a hacked and defaced website) – A hacked website, one that has malicious code installed or that redirects to someone else’s website, can cost you customers. Savvy online shoppers will see that something is wrong, leave, and never come back. Less savvy customers will get trapped by a hacker, and they will make sure the whole world knows that the incident happened on your website. Reclaiming a bad reputation is even harder online than it was in high school.
  • Loss of productivity – The right type of attack, like ransomware or destructive malware, will keep your entire team at a standstill. If you’re running a medical facility and your people can’t access medical records, you can’t practice medicine. In a law office, where all of the client files have been destroyed, there would be no way to go to court. In some of the cases that are cited in the Denver Post article above, the company simply could never afford to make the situation right and rebuild, so they had to close their doors.
  • Loss of intellectual property – Often, there is a lot of product that your team has created, copyrighted materials that are the lifeblood of your business. An attacker can get in, steal that data, and sell it to the highest bidder. If your business relies on offering a unique product or service, your unique selling point will now be out in the world for everyone to use.

“SiteLock’s “Website Security Insider: Q4 2017” found that randomly generated encoded malware represented 51 percent of malicious software detected. Backdoor files, JavaScript injectors and “defacements” — instances where sites are taken down or replaced with messages from cybercriminals — were also among the top small business cybersecurity issues reported during Q4 2017.” – https://securityintelligence.com

Most of these issues are not put in place via “brute force” attacks, cases where an attacker forces their way in the front door. Often, the attacker simply emails the malicious software in, and it goes to work when someone opens the message and clicks the wrong link.

Necessary prevention

There are a number of simple steps that you can take to prevent these types of losses, particularly these situations where your website, computer, or server is attacked.

  • Next-gen antivirus – The first, and most obvious, preventative act is to get a next-generation antivirus program. The next generation does more than eliminate malware that has already infected the server; it actively seeks out malicious programs before they ever make it to the server or computer.
  • Backups – One of the simplest ways to ensure that you can get back to where you started is to do consistent backups. If you have the volume of traffic, a daily backup, or even several backups per day, will allow you to set your system back to where it was before you got the infection. Systems differ, but generally, you will scrub out the malware and then set everything back to a point before the malware attacked you.
  • Education – It is the acts of individuals that usually usher in a piece of ransomware or malware, so the number one thing to do is to educate your staff to avoid risky behavior. Knowing what to look for in emails, call-in requests, and other weak spots is the best way to keep data safe, particularly in the medical industry.
  • Website security – There are a number of ways that your website can be attacked. Some of the more common ones include SQL injection, cross-site scripting (XSS), false error messages, and false file uploads. There are some steps that you can take to protect your website further: update software consistently, keep passwords up-to-date and difficult to hack, install website security tools, and put HTTPS certificates on your website.
  • Email security – The number one entry point of cyber threats into your business is email. Phishing, ransomware, and malware are all attacks that frequently come in via email. Advanced email security, which will block most of these threats, is a vital part of your overall server security.
  • Other device protection – Every device that is or might be connected to your network needs to be protected. Smartphones and tablets need their own antivirus protection to prevent these devices, which migrate from network to network, from being the entry point for malware. A more severe way to avoid problems is to ban these devices from being used on your network, but that might not be a possibility for many businesses.
  • Network firewall – Every system should have a powerful firewall. This is the first and simplest thing that you should do to protect your networks. Not doing it is like putting a front door on your house but not installing a lock. Your firewall should protect your servers, workstations, and wifi network. It should be updated constantly to ensure that it’s capable of protecting you against each new threat. A good two-way firewall will monitor the packets that are delivered to your servers from the outside and will look at the ones coming from inside as well.

Strategy

There are a number of strategies that you can use to protect your system. Some of them, like establishing secure passwords and creating an education program, are easy. Others, like a next-generation antivirus software, are technological solutions.

The simplest and most effective strategy is to outsource as much of your cybersecurity as possible. A third party can take care of nearly everything that your firm needs without you needing to spend significant time or hire staff to do it.

Action plan:

  • Install and maintain a firewall
  • Put next-gen antivirus in place
  • Institute policies for how users handle data
  • Train users on the latest threats with Security Awareness Training, like KnowBe4
  • Put in place advanced email security
  • Regularly update (patch) all software on every device to ensure that vulnerabilities are fixed
  • Monitor traffic and look for malicious software and events
  • Track activity within your network watching for risky behaviors
  • Maintain backups and system redundancies
  • Migrate to a cloud-based system like Office 365 for email
  • Have a response plan for when an infection or breach occurs

The great advantage that a third-party contractor can bring to the system is a level of focus that you won’t be able to match while still running your business.

Ron Samson
