Small businesses are often under the misconception that they are too small for a hacker to attack. While it is true that they may be too small to be specifically targeted by a hacker in Russia or China, the automation of malware attacks puts them a just as much risk as businesses many times their size, and typically without the same level of cyber defense.
We were introduced to a small law firm by one of our Resellers. The firm’s Office Manager was asked to look into options to help them reduce their cyber risk after one of the Managing Partners read an article about the targeting of law firms in a legal journal. The Reseller recommended that she speak to us about their concerns, and we determined that the areas of highest risk for them were the lack of the ability to detect and respond to cyber threats.
Our recommendation to the Reseller was to quote our ProVision SOCaaS for their firewall, core servers, O365 and endpoint solution so we can correlate the logs, apply business rules tailored to them, enrich the data with our threat intelligence feeds, and monitor 24/7/365 for indicators of potential threats. We also co-manage the firewall to be able to make pre-approved configuration changes to address threats as needed. We also included our Breach Response Program for 24/7 access to legal advice and cyber forensics help if a serious incident occurs that requires those resources and $250,000 to cover common gaps in commercial insurance (their deductible, regulatory fines, and legal judgments).
About 3 months after this coverage was added, the Foresite SOC detected a threat on a Saturday when no one was at the firm and their Reseller was also closed. We followed our SOC process to validate the threat, make the change(s) needed to prevent access, and notified the Client.
In this Client’s words, “Some of the attorneys were initially reluctant to spend more on IT because they didn’t really feel like our firm was big enough to actually be attacked. We are all so glad that we made the investment when we did! We feel much more secure knowing that a team of experts is watching over our network.”