A 2017 Ponemon study confirmed that Small-Medium Businesses (SMBs) are key targets for cyber breaches, mainly due to employee error that allows in malware and ransomware. What is even more alarming is that the damages are now averaging over $1M, a price few SMBs can afford to pay. So what can be done?
First and foremost, verify that known vulnerabilities have been identified and patched. Common malware relies on exploiting these known weaknesses and cannot get a foothold through a vulnerability that has already been fixed. Vulnerability scanning should be done quarterly at minimum (monthly is better), and each scan should be followed by confirming that the patches it called for were actually applied.
Test your staff. Assuming you have provided them with some level of cybersecurity training and you have reviewed your cyber use policy with them, make sure they are putting this information into practice in real-life scenarios by using email, telephone or even onsite phishing attempts to verify their response. All the perimeter protections in the world don’t stop an attacker who can talk an employee of your business into handing over valid network credentials, or who gets an employee to hold the door, walk into your building and connect to your network to reach your data.
Make sure you have a complete cyber program in place. Too many SMBs focus strictly on technical controls. A complete cyber program also ensures that policies and procedures are in place and align with the controls. Detection and Response are the most commonly overlooked aspects of a complete cyber program, especially for SMBs. If you can’t detect unusual behavior on the network, you likely won’t even realize you have been breached until it is too late. And if you don’t know how to respond, detection alone won’t help you to minimize damages and avoid that $1M+ breach expense that comes from investigation, remediation, notifications, and potential fines and legal action.
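Two of the scenarios above (an employee's credentials phished and then used, and nobody noticing) can be caught with very simple detection logic over authentication logs. The following is an added example, not code from the original post or any vendor product: it parses a small set of constructed, syslog-style login events (the line format, user names and IP addresses are all invented for illustration) and flags two patterns, a successful login that follows a burst of failures from the same source, and a successful login from a source never seen for that account, outside business hours. The thresholds and business-hours window are assumptions to be tuned per environment.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log lines for illustration (not from the original post).
# Format assumed here: "<ISO timestamp> auth <ok|fail> user=<name> src=<ip>".
SAMPLE_LOG = """\
2024-03-04T08:01:10 auth ok user=alice src=10.0.0.12
2024-03-04T08:02:00 auth fail user=bob src=203.0.113.7
2024-03-04T08:02:05 auth fail user=bob src=203.0.113.7
2024-03-04T08:02:09 auth fail user=bob src=203.0.113.7
2024-03-04T08:02:14 auth fail user=bob src=203.0.113.7
2024-03-04T08:02:20 auth fail user=bob src=203.0.113.7
2024-03-04T08:02:31 auth ok user=bob src=203.0.113.7
2024-03-04T08:10:00 auth ok user=carol src=10.0.0.40
2024-03-04T21:45:02 auth ok user=carol src=198.51.100.9
"""

LINE_RE = re.compile(r"^(\S+) auth (ok|fail) user=(\S+) src=(\S+)$")


def parse(log_text):
    """Turn raw log text into (timestamp, result, user, src) tuples; skip lines that don't match."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ts, result, user, src = m.groups()
        events.append((datetime.fromisoformat(ts), result, user, src))
    return events


def detect(events, fail_threshold=5, window=timedelta(minutes=5), business_hours=(7, 19)):
    """Return a list of (rule, user, src, timestamp) alerts.

    Rule 1: a successful login preceded by >= fail_threshold failures from the
            same user/source pair within `window` (password guessing that worked,
            or a phished password being tried until it fits).
    Rule 2: a successful login from a source not previously seen for that user,
            outside business_hours (assumed 07:00-19:00 local here).
    """
    alerts = []
    recent_fails = defaultdict(list)   # (user, src) -> timestamps of recent failures
    known_sources = defaultdict(set)   # user -> sources with an earlier successful login

    for ts, result, user, src in sorted(events):
        key = (user, src)
        if result == "fail":
            recent_fails[key].append(ts)
            # keep only failures still inside the sliding window
            recent_fails[key] = [t for t in recent_fails[key] if ts - t <= window]
            continue

        # result == "ok"
        if len(recent_fails[key]) >= fail_threshold:
            alerts.append(("success_after_burst_of_failures", user, src, ts))
        recent_fails[key] = []

        if known_sources[user] and src not in known_sources[user]:
            start, end = business_hours
            if not (start <= ts.hour < end):
                alerts.append(("new_source_outside_business_hours", user, src, ts))
        known_sources[user].add(src)

    return alerts


if __name__ == "__main__":
    for rule, user, src, ts in detect(parse(SAMPLE_LOG)):
        print(f"{ts.isoformat()} {rule}: user={user} src={src}")
```

The "known sources" baseline here is built from the same log, which is an assumption that only works over a long enough history; in practice you would seed it from weeks of successful logins. Run against the sample data it raises exactly two alerts: bob's success after five failures, and carol's evening login from a new address.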
You don’t have to remain vulnerable. These steps can be taken to greatly reduce your risk.