As a growing business, your ever-expanding digital footprint gives cyber criminals even more opportunity to extort money, disrupt your productivity, and generally wreak havoc for you and your teams.
Eddie Phillips, MSP Global Training Manager and Cybersecurity Evangelist at Malwarebytes, joined us at Elevate to share his advice for small businesses on the path to a more robust cybersecurity environment. Watch his session in the video below, or read on for the highlights!
Who are we up against when it comes to cybersecurity?
Eddie says it’s important for business leaders to understand who and what they are up against when it comes to cyber crime. “82% of ransomware attacks are against companies with fewer than 1,000 employees. Small and medium businesses are getting hammered by attacks.”
Many of these attacks originate on the dark web, where cyber criminals develop different attack methods and place them for sale. “The next step could be white collar crime or state-sponsored attacks, which visit these marketplaces, buy these pieces, and put them together,” he says.
In the case of ransomware, a piece of malware can enter your system via an email or infected website. Once it has access to your local computer, it will attempt to penetrate the workplace network and steal valuable data. Then, it begins to encrypt and lock you out of critical business systems until a ransom is paid. The threat of data leaks and reputational damage is also common with this type of attack.
Eddie says multi-factor authentication (MFA) fatigue is also becoming an issue. “MFA is a great piece of security, but applications that provide that type of security are now trying to make it more convenient. Convenience can be the enemy of security.” Instead of requiring you to type in an MFA passcode, your phone may simply ask, ‘do you allow this login?’. Cyber criminals are increasingly spamming users with these notifications until access is granted.
Business email compromise is another widespread attack method. By sending misleading emails that look like they come from the CEO or a vendor requiring payment, threat actors can persuade employees to share sensitive credentials or pay a fake invoice.
“Why small and medium businesses? Why aren’t they focused on the Fortune 500? Because simply, they can. All of those pieces on the dark web marketplace can be automated to hit tens of thousands of businesses by just writing a script,” says Eddie.
How can we defend against cyber attacks?
To fortify your business against attacks, Eddie encourages business leaders to focus on the “identify and recover” elements of the NIST cybersecurity framework. Ideally, you should entrust the remaining requirements to an expert managed security provider.
Identify cybersecurity risks
“You need to identify your risk and understand your risk surface,” says Eddie. “It comes down to knowing what tools and services you have. Obviously you’re using computers, but are staff also using personal cell phones to access your company network? There’s a big risk there, so communicating that to your IT provider is critical.”
“How are you using those tools? Are you still using an email server down the hallway? Are you using Office 365? Those can be the right solutions in the right place, but communicating that to your provider is key. Thirdly, who is using these tools? If you have teams that need remote access, your IT provider needs to be aware of this.”
Recover from cybersecurity risks
Eddie says planning for recovery involves working with your provider to determine what will happen if you are compromised. This starts with two critical questions.
- Recovery Point Objective (RPO): How many hours can you afford to lose before it negatively impacts your clients, employees, or bottom line? How much rework are you willing to do? Is it a day, an hour? You need to answer these questions so your provider can put the right tools and solutions together.
- Recovery Time Objective (RTO): How long can you endure a system outage before it negatively impacts your clients, employees, or bottom line? How long can you go without your tools? This isn’t about rework, this is about having access to your systems in real time. For example, can you go a day without internet or email access? If you can answer these questions, appropriate solutions can be built by your provider.
“Once you have structured these goals, you can hand the baton off to a provider like Electric, who will work through the other three aspects of your cybersecurity framework: protecting, detecting, and responding,” says Eddie. “This comes down to deploying the right tools, monitoring your environment, carrying out maintenance, and facing the future. There’s so much work that goes into this, but answering these questions will drive you towards success.”
Build Your Cybersecurity Resilience with Electric
Electric protects small and medium-sized businesses with standardized security across devices, apps, and networks. Contact us today to learn how you can implement a smarter, more resilient cybersecurity infrastructure that’s fully managed and made for productivity.