Editor's note: Melissa Derr is Director of Digital Forensics and Response at Critical Defence, LLC. We're delighted to share her expertise in cyber security with our audience.
Even though small to mid-size businesses (SMBs) are a primary target for cyber attackers, they remain underprepared to prevent, detect, respond to, and recover from an event. A 2017 report from the Ponemon Institute reported that 54% of SMBs had reported they suffered a data breach in the past 12 months, costing on average just over $1MM in direct expenses, plus additional indirect costs of over $1.2MM.
The numbers are staggering, but the realities remain: most SMBs lack proper budgets to implement the effective security controls that larger companies can afford, nor do they have the staff capable of protecting their technology. So, what can you do about it? Here are a few relatively simple solutions to get you started in the right direction.
1. Identify key risks
Before you can even begin to protect your SMB from cyberattacks, you need to first identify potential vulnerabilities, threats, and risks to your company. Vulnerabilities that most SMBs will find applicable to them are unpatched software, poor employee digital hygiene and unmanaged/unidentified devices on the company network. Cyber threats to most SMBs include the loss of proprietary data/intellectual property, loss of customer data, and loss of control over corporate technology assets.
Once vulnerabilities and threats have been identified, you can more fully understand the organization’s cyber risk. You should plan to patch software as soon as updates are available, encrypt sensitive data at rest, train your employees to detect potential social engineering tactics and phishing emails, and establish a policy prohibiting unmanaged devices on your company infrastructure. Once the policies are in place, make sure you are doing your best to regularly enforce them.
2. Educate Employees
Educating your employees about your key risks and cybersecurity policies is essential. According to independent researcher Ponemon Institute, the number one cause of a breach at SMBs was a negligent employee. Whether it be by clicking a link in an email, web-browsing at insecure websites, downloading software from unofficial sources, or accidentally sending an internal email to an unintended external party, your employees have more impact on the security of your organization than you might realize.
Employees should be aware of the policies you have regarding good digital hygiene, including prohibiting password reuse, safe web-browsing practices, and password length requirements.
While formal cyber security awareness training is ideal, it could be cost prohibitive for smaller businesses. The US Department of Homeland Security’s “Stop. Think. Connect.” campaign, however, is a free resource with sample fliers and internal communications to help you get started.
3. Deploy an endpoint monitoring solution
Detection and remediation is essential to your SMB’s security posture. Monitoring and updating all your endpoints is not at difficult as it used to be; a number of reasonably-priced, cloud-based solutions are available. Earlier this year, PCMag reviewed 10 of the industry leading endpoint protection platforms for small businesses, starting as low as $1 per endpoint per month. These tools can provide anti-virus coverage, quarantine or remove malicious files, email filtering, URL protection, and patch management all in a web-based management console. If you only have room in your budget for one security tool, an endpoint protection solution is your best bargain.
4. Have a back-up plan
No one ever wants to plan for the worst, but as half of all SMBs reported they had suffered a breach, chances are you’ll need a recovery plan. A recovery plan is needed to outline how you will continue business operations in the event of a cyberattack. How will you process payments if your payment system is compromised? What happens to your intellectual property if all your systems are infected with ransomware?
One easy solution is to take regular backups of business-critical systems and data, and store them OFFLINE, so you can recover with relative ease in the event of an incident. You may want to consider building in redundancy in the event of failures. And most importantly, regularly test the solution to confirm it will work in the event you need it.
Cyber attackers have set their sights on small and medium sized businesses. But small businesses often lack the proper budgets, staff and expertise to secure themselves properly. By implementing a few basic solutions small businesses can greatly enhance their security posture. While this is not a comprehensive list of everything you can do to secure your SMB, we hope this provides you with a good place to start. Attackers will continue to target SMBs, and it’s in the best interest of both the consumer and the SMB to be protected. Additional resources are available through the Nations Cyber Security Alliance.
About Critical Defence
Critical Defence, LLC is a global provider of cyber security services including, but not limited to Assurance, Response, Compliance and Training. Additional information can be found at www.criticaldefence.com.