As we’re rounding into 2018, one of the scariest facts is that 83% of businesses are unprepared for cyberattacks (and even worse: 90% of those business never recover from the attack!).
Today I want to review 5 of the big eye opening problems with business cybersecurity and how simple persistent changes to how your IT Support runs can keep you safe long term.
Keeping an “every company is hacked” mentality helps your IT Support team focus on the fact that cyberattacks are serious and that they need to not only protect your infrastructure, but inform users on best practices to avoid getting tied up in phishing schemes and opening doors to hackers.
Often times, hackers get in because a critical software patch was overlooked or was misapplied. Your IT Support needs to look around and find easy to fix weaknesses first. If they’re thinking about cyberattacks being real and likely affecting your business, they should be on the lookout and plug up any vulnerabilities that might make your business more vulnerable to attack.
After spending tens of thousands to even millions of dollars, even large companies may overlook what are the most successful ways that cybercriminals breach business networks.
While long hanging fruit like unpatched computers and networks are some of the fastest ways hackers penetrate a network, there really is no one way to get in. Just as often as scanning a network and penetrating it through a gaping vulnerability like an unpatched system, is the foot in the door through an unsuspecting user. Your IT Support team should recognize that attacks aren’t coming from just one place, aren’t targeting just one thing. If their approach to protection is checking a security box after running a virus scan or after applying a security patch, they aren’t doing their due diligence.
Let’s say your IT Support scanned your network and found 20 different potential threats on it. On average, only a couple of these threats could be handled at a time, resulting in a need to understand how to identify and prioritize the most likely threats first.
IT Support should understand how to fix the critical security issues that are causing most damage on your network environment today, followed by the most likely culprits to cause the most damage in the future.
If you had two vulnerabilities on your network.
The first was an unpatched piece of software that monitored your office supplies (which was not associated with any sensitive data). This unpatched software was quite easy for anyone with a computer and a bit of coding to get into.
The second was a more challenging hack into your accounting server. Only experienced hackers with some specific knowledge could get into information containing credit card numbers, social security numbers and client data. This hack was much less likely to occur, but if it did, could result in much greater consequences (severe data breach that might get broadcast on the news, result in multiple lawsuits and the possibility of ruining your business).
Which of these fixes should your IT Support prioritize?
Some of your team might say, go for the easy one first. The most vulnerable system should be fixed before any other. But in fixing your office supply software, you’re risking real harm to your business in the event some crafty hacker were to break into your accounting server!
IT Support should understand not only what vulnerabilities are, but also know where risks lie. If there are high risk vulnerabilities present on your network, these should be addressed first (if you’re unsure whether you have high risk vulnerabilities, consider a 3rd party security assessment).
In many cases of recent data breaches, end users have initiated cyber threats. Once a threat is confronting an end user, there is very little a firewall can do to protect from a breach.
I am NOT saying that firewalls are valuable—in fact, there are countless reasons your IT Support should be maintaining and supporting modern “smart” firewalls, but they also need to keep users aware of how to prevent security incidents by keeping them in the loop.
What your IT Support should be thinking is that nothing can protect your business with 100% certainty. Using a multi-pronged approach with firewalls and antivirus, but also having users understand and modify their behaviors, your team can more effective protect against cyberattacks.
My last observation about cybersecurity is that while there is no one golden key to get into your network, there are two likely problems resulting in an attack on your network.
Patching—I’ve said this before, but cannot stop the importance of having updated patched machines. Patching is one of the easiest ways for criminals to get on your network. Period.
In fact, an unpatched machine that is on the internet gets infected, on average, within 20 hours! Multiply that by the 10 machines on your network. How many infections might you have (and not be aware of!). Not all malware encrypts your data. Some malware lays dormant for weeks to years. Some malware simply observes user keystrokes in effort to steal even more data or money from your company. What if every keystroke from your accountant was recorded by a thief?
Think of how much sensitive information you may have lost simply by leaving your network unpatched!
Social Engineering—the ever growing popularity of social networking resulted in equally effective social engineering campaigns. Phishing campaigns targeting email, phone calls, Facebook or other social media platforms all lead to triggering behaviors in your users. Criminals anticipate to snag at least a few percent of their targets.
If your users don’t understand the latest schemes, they may shell over money or information (including sensitive data!) to criminal masterminds.
Answer this simple question: Is my business secure?
If you have any hesitation, consider a third party security assessment to prevent leaving your network open to more risk than you can handle!