I grew up in the era of Mad Magazine, and on almost every cover of the magazine Alfred E. Neuman would utter the intellectually incurious words ‘What, me worry?’ Now, as we reach Cybersecurity Awareness Month (October) and add in COVID-19 and remote work, his response would have to be ‘Yes, me worry’.
Small and Medium-sized businesses (SMBs) are not immune to cyber-attacks. In fact, they are a prime target for hackers because SMBs have fewer resources for protection, but still have equally valuable information.
Hackers, like most people, will choose the path of least resistance, or the low hanging fruit, when choosing their targets. So, an SMB that doesn’t have the same security resources as a large enterprise is an easy target.
COVID-19 is a big issue for most business owners right now, so cybersecurity is likely the last thing an SMB owner is thinking about. Most are wondering how they can keep their businesses running during and after the pandemic. The problem is cyber-attacks are also on the increase during this pandemic. The FBI reports nearly a 400% increase in attacks.
Types of Attacks That are Growing
Phishing and Insider Threats. I put this one first because people are the weakest link in most hacks. It is the major social engineering threat, and it manipulates users with the ultimate purpose of disclosing confidential information and exposing internal data. The inside threat comes from a disgruntled or rogue employee that is motivated by revenge or gain.
Passwords. Passwords continue to be one of the weakest links in an SMB. They can be accessed through a phishing attack, data leaks, and credential-stealing malware, giving intruders access to worker’s accounts. With increased remote work, Brute Force Attacks are becoming more common as home networks are typically vulnerable.
Ransomware and Malware. Ransomware is a highly lucrative business for cybercriminals. Given its enormous profits, it is no surprise that ransomware has developed its own business model with ransomware as a service (RaaS). This makes it easy for those who don’t have a technical background to profit from vulnerable users. Unpatched security updates for computers provide hackers with an open door to your system.
Business Partners. Vendors have caused some of the most significant security incidents and data breaches. Supply chain attacks are a common way for attackers to target a vendor’s customers. The Target data breach was caused by a small HVAC company that provided access to their data base. It is crucial to foster a culture where cybersecurity best practices are shared between organizations.
Recommendations on How to Protect Your Company
Train and Educate Your Employees. Adept Solutions is a strong advocate for continuous security education. We believe cybersecurity awareness training should be mandatory for all of your employees. Workers should hone their cybersecurity skills periodically, as prevention is key to keeping your business safe in today’s digital landscape. As long as cybercrime continues to thrive and be profitable, cybersecurity training should be a continuous journey inside your company.
Limit Access Privileges. Limit your users’ rights to the lowest level possible that still allows them to perform their tasks successfully. The days of having everyone as an administrator on your network should be over! This practice will close multiple security holes inside your organization. Simultaneously, it allows you to achieve granular control over the actions performed and eliminate the danger of carelessness or insider threats.
Have the Right Cybersecurity Tools. While there is nothing that will solve all security challenges, there are ways to lock down your company and make it a lot harder for breaches to occur. Just like a security system on your house, a good security posture and culture at your company will encourage the hacker to find a more accessible place to attack. You need to have a good password management system, multiple layers of security, and a good training regimen to keep the criminals at bay.
Take Our Security Vulnerability Survey
We want to help you sleep easier and keep your business safe. Contact us to take a survey that will show where you are vulnerable. Let us help you develop a plan that looks into the future and builds a long-term strategy that makes you secure. Call us at 530-751-5100 or email email@example.com.