The threat to small and mid sized businesses
According to a 2017 report from the National Cyber Security Alliance, 60% of small and mid sized companies are out of business within 6 months of a cyber security attack. This is startling. Cyber security isn’t just about protecting data, it’s also about keeping your organization afloat.
SMBs are targeted more because their security operations are weaker than large corporations. They tend to lack adequate security and back up measures or personnel trained in implementation. Additionally, they hold a wealth of information valued by hackers. They also tend to work through supply chains whose security measures aren’t monitored by the company.
Increasing security measures to make sure you aren’t the one packing up shop is relatively easy. In our current climate of rampant hacking, cyber health is essential.
Cyber Health
There are a few short steps you can take to improve your cyber health and reduce your chances of being devastated by ransomware.
First, all AV and security programs should be analyzed. Most antivirus products take a reactive approach, meaning they only chase after something they know is bad. Research shows this isn’t a sustainable method of virus detection and protection.
Second step is making sure all operation systems and third party applications are up to date. Updates from software creators are meant to help patch security holes that were previously unknown. An endpoint management system with patch management can help automate this.
Third is education. Knowledge is power when it comes to fighting a cyber war. Know how to spot red flags and reduce the chances of accidentally clicking on malicious files or links.
The fourth step is password hygiene. Passwords should be changed every six weeks, and should include a complex mix of upper and lower-case letters, along with numbers and special symbols. Never write down passwords, rather use a password vault which safely stores them for use. Also, never use the same password for multiple accounts. Each account should have its own unique, complex password.
The fifth and final step is backing up all data. Cloud based back up services and external drives are both excellent ways to copy important data. If you do use an external drive, make sure to unplug it from the device being backed up as soon as it’s finished to avoid the external drive also being attacked. There’s no need to pay a ransom if you have the ability to recover data on your own.
Being vigilant
Being vigilant isn’t a luxury, but rather a requirement, in any good business practice now. Unfortunately cyber threats aren’t going away. There’s no magic wand that can decrease their likelihood or severity. However the above steps will greatly reduce the possibility and severity of any cyber-attacks and may just save your business.