As we near the end of Cyber Security Month, one of the main points being stressed by security professionals is that preventative measures are much more cost effective than damage control. What is a reasonable amount to invest in protecting your business? This can be an uncomfortable question, but the willingness to spend changes dramatically for a business owner after a security breach. Plan ahead rather than paying a crippling remediation or ransomware bill. Save yourself the time, energy and cost associated with a lack of preparation. Read on for some cyber security hacks to help small business owners.
Cybersecurity Statistics: The Impacts of a Security Breach
Cyber-attacks cost small businesses $200,000 on average, and upwards of $1.2 million for large enterprises according to a recent CNBC article (October 2019). Damage from a cyber-attack is severe. It is estimated that 60% of small businesses are forced to close their doors within 6 months of a breach. With over 58% of small businesses considered valuable targets for malicious actors, there is no shortage of opportunities for criminals.
Data Backup: Business Continuity and Disaster Recovery
Protecting your data should be the first priority in a proactive defense. If your business is like most, access to your data is critical to functionality. The advent of ransomware has allowed criminals to extract value from otherwise worthless data, because it isn’t worthless to you! By encrypting and holding your data hostage they have ensured a nice pay out for themselves, and a very bad day for you. Cyber criminals can also mine your more valuable data like gold and sell it on the dark web to the highest bidder. Data breaches led to a theft of over 1.8 Billion records in January 2019 alone according to business.com.
IT Infrastructure Protection
Hardening your network, infrastructure, and access to cloud accounts are the next steps to securing your business. The Inc.com article “Why hackers target small business” reveals why even small business owners should be prepared. ‘Smaller companies are attractive because they tend to have weaker online security. They’re also doing more business than ever online via cloud services that don’t use strong encryption technology. To a hacker, that translates into reams of sensitive data behind a door with an easy lock to pick.’
Post Cyber-Attack Impact Factors
If you’re among the 40% of businesses that are fortunate enough to survive a cyber-attack, the pain does not stop there. According to a report by Deloitte, there are ‘Cyber Attack Impact Factors’’ that can plague a company long after the IT pros have dealt with the initial attack.
- Cost of attorney fees and litigation
- Public relations problems
- Increased insurance premiums
- Lost contracts
- Loss of intellectual property
- Devaluation of franchise, trade name and brand identity
“An ounce of prevention is worth a pound of cure” – Benjamin Franklin
6 Steps Towards Proactive Cyber Security For Your Business
The good news is that there are ways to mitigate the cyber security risks to your business. Let’s look at these ‘business hacks’ to help you get started in 6 steps!
- Cyber Security Assessment: Review the state of your business technology security with an IT Professional. A network assessment can be a great way to kick off the planning stages of a security road map for your company.
- Cyber Security Tools: Not all networks are created equally! Speak with your IT partner to ensure your network and infrastructure are brought to a hardened state using industry best practices. Enterprise grade hardware such as firewalls, switches and access points offer security measures that consumer grade devices simply aren’t designed with. The modem/router placed into service by your Internet Service Provider (ISP) frequently include a built-in firewall. While these firewalls may be fine for home use, they are not designed for the protection of a business. Layered networking should be implemented to separate sensitive areas of the network.
- Cyber Security Software and Protocols: Your IT partners should implement and maintain your technology proactively with best practice patching policies and enterprise grade antivirus software. Free versions are not always able to detect all breaches, especially with zero-day attacks.
- Data Backup & Recovery: Request a BCDR (business continuity and disaster recovery) solution from your IT providers that can restore a backup of your uninfected data. In the event of a ransomware attack, external hard drives will not be an effective source of back up for your business. If the breach is timed with a delay, the hard drive may also be infected before the attack is launched. Even if the drive is clean, the data can take days to be put back in a usable state if your operating system was compromised as well.
- Cyber Security Education: Teach your employees and clients what to look for regarding a possible breach attempt and to report anything suspicious to your IT partners.
- Separate Business from Personal Accounts: Ensure you and your staff maintain separate e-mail accounts, website logins and passwords those used in your personal lives. Minimize the chance that your staff being hacked can lead to your company being hacked!
Managed IT Service Providers: Partnering With an IT Professional
Are you still wondering if you truly need to hire an IT professional? Maybe you are an intelligent, tech savvy person that wants to try taking care of it yourself. That curiosity and desire is to be applauded. The reality however is that cyber security requires years of specialized education and industry experience. Your time is better spent growing your business! It’s the same reason we go to the Dentist to care for our teeth. You might be able to work a drill, but let’s have that cavity filled by a professional.
Business Hacks Recap
Building a partnership with a trusted IT professional will ultimately save your company money. Technology moves fast and increasingly touches every part of our businesses these days. An effective partnership can help side-step the security land mines while offering guidance with the technology that helps your business grow.
- Identify what’s important to your business, like most it will be your data, so protect it and back it up.
- Taking proactive steps is key to protecting your business security, review suggested ‘business hacks’ for key measures.
- Forma partnership with an IT professional to implement and maintain your cyber security and infrastructure.
- Proactive measures performed by an IT professional will save your business money and create effective layers to your business security.
For more information on how Amicus MSP can help your business, click here.