By Joe Johnson
Most people know about the large-scale data hacks and ransomware events that top the national and global headlines. Recently, for example, the Colonial Pipeline cyberattack has gotten significant coverage on every major news outlet; last winter, everyone was talking about the SolarWinds breach. But what many people don’t realize is that, far from the glare of worldwide media attention, small and medium-sized businesses are increasingly being targeted by cybercriminals.
Cybersecurity in the Age of Risky Business
There are a few reasons why the risk of cyberattacks are increasing for smaller businesses. First, over the past year the COVID-19 pandemic has forced businesses to figure out a way for an unprecedented number of employees to work remotely. This has opened up new security challenges across the board:
“Remote work has challenged enterprise security monitoring in numerous ways from the platforms used for communication to the devices people are using and networks on which they transmit data. We have seen an increase in social engineering opportunities as cyberespionage and cybercriminal groups attempt to take advantage of vulnerable employees unfamiliar with managing their technology environments.” – 2020 Cyber Threatscape Report by Accenture
Although businesses of every size are navigating these issues, cybercriminals know that small and medium-sized businesses (SMBs) are even more vulnerable. Some SMBs don’t take the time to develop a cybersecurity strategy because they think they are too small to worry about being attacked. Others rely on consumer-grade, off-the-shelf solutions to protect their data.
The following statistics about the impact of cyberattacks on SMBs are alarming:
- Insurance carrier Hiscox reported that in 2019, 47% of small firms (1- 50 employees) and 63% of medium sized firms (50-249 employees) experienced one or more cyberattack.
- According to IBM, small and mid-sized businesses are hit by 62% of all cyber-attacks, or about 4,000 per day.
- Smallbiztrends.com stated that 43% of cyberattacks are aimed at small businesses, while only 14% are able to mitigate such risks effectively.
- The Denver Post shared a S. National Cyber Security Alliance report that 60% of small businesses victimized by a cyberattack will go out of business within six months.
In reality, if your business or clients handle customer data—whether it’s banking/credit card info, medical records, sensitive research data, tax information, customer databases, legal documents, proprietary product information, or anything else that criminals would love to access—then you are at risk and should learn how to prevent ransomware. Small businesses with many clients are the most vulnerable for ransomware attacks. Don’t be forced to pay to get your data back—instead, be proactive in order to protect it adequately.
The Problem With “Off-The-Shelf” Protection
Consumer-grade, off-the-shelf (COTS) cybersecurity products are widely available on the marketplace. At first glance they can seem appealing to small business owners. These COTS options tend to be free or low-cost; they may be conveniently bundled with other business software. They may also be pre-installed, “standard” features on new devices or laptops that you purchase from the manufacturer, or they are recommended by your managed service provider. Seems suitable for a business owner who is working with a limited technology budget, right?
But cybersecurity insiders and hackers know that COTS solutions have a lot of gaps that can actually leave companies vulnerable. They simply don’t protect businesses at the same level as top-tier cybersecurity solutions.
For example, consumer-grade tools are typically updated about once or twice a month. First, the manufacturer has to create the update and make it available. Next, the end user needs to see that the update is available, and manually update their device—or, if they are an IT director at a company, they will manually update many devices. Unfortunately, two or three weeks is too long for a business owner to be left vulnerable—when new threats are being created on a daily basis. The cybersecurity solution that was updated a month ago just can’t recognize or respond to a threat that was deployed yesterday.
This article on the U.S. Cybersecurity Infrastructure & Security Agency (CISA) website explains why COTS software is generally an attractive target for cybercriminals:
“… the major COTS packages typically manage important information and connect to more systems… Further, the information and experience obtained in one attack can be used again on the same package elsewhere.” – Craig Miller, Cigital, Inc.
Smarter Tools, Quicker Updates
By contrast, the latest generation of cybersecurity tools are updated constantly. They utilize the latest technologies—such as real-time threat intelligence, advanced analytics, and machine learning/AI—to proactively anticipate and respond to threats. Sophisticated cybersecurity tools don’t just react to known threats, but they also prepare for unknown threats (a.k.a. “zero-day exploits”) that occur on the same day that a software weakness is identified.
Many of today’s most crippling cyberattacks are coming from new threats being created every day. The best way to guard against these unknown variables is to deploy a solution that is constantly on the lookout for these unknown variables. For example, Ostra is constantly monitoring and collecting threat intelligence info from around the globe to provide automatic updates all our clients within minutes. Ostra’s solution is customized and automated, so our clients do not have to spend time maintaining it.
Are You Ransomware Bait?
Another reason every business owner needs to make cybersecurity a priority is because of business liability issues. Laws are expanding on a daily basis in terms of the data that businesses are legally expected to protect.
Dealing with ransomware is a great example of a liability that many business owners do not prepare for—until it’s too late. Have you ever been locked out of your house or car? It’s pretty inconvenient. Now imagine getting locked out of your business because of a ransomware event. Suddenly you cannot make or receive payments, communicate with clients, or even access important files.
In addition to your company’s data, any customer information on your system is now being held hostage as well, unless you pay the criminal to get it all back. Learning how to prevent ransomware is key. (Preventing ransomware is one of the reasons our company was founded—read more about the Ransomware Attack that Sparked Ostra Cybersecurity.)
A comprehensive cybersecurity strategy, paired with the best technology, can help you avoid these liabilities.
Building an Effective Cybersecurity Strategy
There are three important steps that every business can take to effectively protect against cyberattacks.
Step 1: Develop an overall cybersecurity strategy.
Business owners should never have a false sense of security by relying on technology alone to protect their data and systems. For example, Ostra’s best-in-class approach to technology combined with multiple layers of defense will go a long way in protecting your business—but technology is not the only piece of the puzzle. In addition to choosing the right technology, business owners should also develop an overall cybersecurity strategy that includes:
- Conducting cybersecurity assessments to find gaps in vulnerability
- Providing regular, ongoing cybersecurity training for employees
- Putting cybersecurity policies in place to protect your organization
Step 2: Back up your data (and keep backups in a safe place).
This is a bit like fire insurance—you hope you’ll never need it. But the U.S. government recently issued an Alert urging businesses to help prevent business disruptions caused by ransomware attacks. In addition to regular data backups, make sure you isolate those backups from all of your network connections.
Step 3: Use multiple layers of high-caliber defense.
Cybersecurity is a very broad category that can cover a lot of different areas. Make sure all of those are covered (keep reading below for the top 6 things to look for in a cybersecurity solution). For example, while it is great to pay for the perfect firewall, you still have a lot of vulnerabilities if your email, mobile devices, or cloud applications are not protected.
Building a comprehensive cybersecurity strategy involves more than installing the right products or working with the right partners. Make sure that you have those other safeguards in place as well.
Top 6 things to look for in a cybersecurity/MSSP solution
Working with a Managed Security Services Provider (MSSP) is one important piece that should fit in with your overall cybersecurity strategy, in order to help with managed detection and response to threats. Once you realize that a multi-layered approach is needed, the next step is to decide which areas are the most important to address.
I recommend covering your bases in the following areas:
- Have a Security Operations Center (SOC) and Security Information & Event Management (SIEM) system in place. Ideally, you want 24/7 monitoring, combined with technology that provides the latest threat intelligence and insights from the front lines. Employing SOC & SIEM gives you the added protection of on-call staff that can provide full support that includes investigating and remediating all of the alerts. . This will ensure you have the best protocols, cybersecurity experts and technologies to stay ahead of future attacks, while also providing analysis that helps you learn from past threats.
- Provide employees with Email Threat Prevention (ETP). Email is the number one vehicle for data breaches. Effective ETP will include advanced URL defense against credential phishing and impersonation. It should utilize machine learning, AI and analytics to identify and block both known threats and new, malicious campaigns.
- Pay attention to Endpoint Security, Antivirus (AV) and Malware Protection. Your solution should effectively block threats, secure your data and intellectual property, and provide a system that can isolate a device if it detects a threat so it cannot spread across your network. It should use intelligence-led, real-time detection to cover all access points—laptops, desktops, servers and more.
- Choose your Firewall and VPN Configuring the firewall is a complex process, so make sure it is done well, and by a professional. An effective Firewall and VPN will automatically detect and prevent “zero-day” (brand new) exploits and various types of malware, as well as known threats. You’ll also want a solution that offers automated, intelligent policy recommendations and machine learning-powered visibility across your IoT and other connected devices.
- Select the right Cloud Security (CASB) for cloud-based apps, software and services. Successfully protecting information (with automatic blocking, quarantining or encrypting data) helps companies maintain legal compliance in the cloud without impacting productivity and cost. Your CASB solution should allow you to govern cloud and web use for all users whether they are on-premises, mobile or remote.
- Don’t forget about Mobile. With more employees staying connected to work email and networks via smartphones, mobile security has never been more important. Make sure you have a mobile security (MDM) solution that can seamlessly integrate with your existing architecture to protect apps, documents, content and data on any device (using any operating system) from a single platform.
Why is Third-Party Validation Important?
When business owners are assessing cybersecurity solutions, it’s also important to look for third-party validation. This is the process of getting an independent, third-party source to test your product or solution and make sure it does what is claimed.
For example, in this article about the importance of third-party validation for cyber solutions, one industry expert noted:
“…without in-depth testing no-one really knows whether or not an Endpoint Detection and Response (EDR) agent can do what it is intended.”- Simon Edwards, founder and director at SE Labs:
Choose to work with a partner whose goal is to safeguard your company, and not just to sell a particular program or technology solution. There are many great products and organizations in the cybersecurity space, so make sure the one you select has a vested interest in protecting your business and your clients.
Ostra’s approach to cybersecurity
Ostra’s expert team understands how cybersecurity works at large corporations, so we know how to leverage top-tier tools and technologies to create the best sphere of protection possible. Our dedicated experts are constantly monitoring and assessing the best tools available on the market. This allows us to create a solution using the same resources Fortune 100 companies use, but we’ve made it simple, accessible and affordable for small and medium businesses.
In the process of building Ostra’s Cybersecurity solution, we have also been fortunate to work closely with some outstanding tech companies—some of the biggest and best in the world—who are continually evolving with the constantly changing cybersecurity landscape. Combining these best-in-class tools across every category of cybersecurity enables us to protect our clients with a holistic solution.
Ostra is continuously evaluating the marketplace to see who can fit that space, to make sure that our solution is up-to-date with the latest and best features to protect your business. Our highest priority is delivering a high quality, simple-to-use, efficient cybersecurity solution that allows our clients to “set it and forget it.”
Learn more about how to prevent ransomware, types of malware and more. Contact our team today for a free assessment to see what vulnerabilities may exist for your business or clients.