Actively defend your small business against ransomware and other cyber attacks.
Last spring in the wake of the ransomware cyberattack on the Colonial Pipeline, an unprecedented thing occurred. The criminals responsible apologized for creating a “social disruption” with their actions.
They clearly stated that their motive was purely to “make money.”
If you’re the leader of a small business, that statement should frighten you. And you should understand why they did that.
That act brought unwanted attention from the President and other high-ranking U.S. officials.
Stealing from your small business won’t be noticed in the same way.
How do cybercriminals steal from my business?
There are dozens of ways a cybercriminal could profit from gaining access to your business computer network. Here are a few of the most common ones.
- Ransomware – Your computer and / or server is infected with malware that encrypts all the files needed to operate critical applications. A ransom is demanded to undo the damage.
- Business Email Compromise – An email account is compromised and used to convince people to redirect payments to the criminal’s account.
- Data Theft – Thieves gain access to your computer, server, or other network device that stores information. They make copies of that data and sell it on the dark web.
These criminal activities and tactics result in direct profits for the bad guys. But, these are not the only way your business loses money to cybercrime.
Even when the crooks don’t get your money, recovering from cyber attacks robs your business of time and money.
The average financial cost of cyber attacks to a US small business is $25,612, according to a recent study by Insurance Provider, Hiscox.
Most IT Security strategies are ineffective at stopping attacks.
“An ounce of prevention is worth a pound of cure,” Ben Franklin declared in the early days of our nation. This quote accurately describes how you should approach the battle against cybercrime.
Undoing the damage of a cyber attack can be devastating to your business, for instance. Therefore, prevention is the key to a successful defense.
Unfortunately, most technologies that defend against cybercrime only react to an attack.
- Antivirus software cannot prevent a new virus until it gets an update with information about how to detect that virus.
- Firewalls need constant updates to recognize and block new threats.
- Backup systems allow you to recover from an attack like ransomware, but doesn’t necessarily prevent it.
While all of these strategies are important to your cyber defense strategy, they all leave gaps in the prevention of cyberattacks.
Modern IT security requires “active technology” to prevent cyber attacks.
How to take an active approach to cyber defense in your business.
Consider what you do to secure your physical property, like the building where your business resides.
- Locks on doors
- Sprinkler systems
- Surveillance Cameras
Which of these do you feel is an “active” defense system?
For example, sprinklers only go off after the fire has started. They don’t prevent the fire.
Door locks, on the other hand, do prevent someone from entering. While they may not be completely secure, but they are active in preventing entrance to a building or room.
Apply that thought process to your cybersecurity and it is difficult to find many tactics that actively defend against cyber attacks.
Here are a few active cyber security systems that you can consider for your business.
- Application Whitelisting – This strategy prevents any unauthorized software applications to run. You block every application initially, then build a list of allowed applications based on the needs of your workforce. This approach is very effective at preventing malware from being installed.
- Sandboxing – Email can contain links that install malware or attachments that install key-loggers or other hacking tools. Sandboxing security techology isolates individual emails containing links or attachments in a virtual “sandbox.” It then tests the links and attachments to see if anything harmful occurs when you open them.
- Endpoint Threat Detection and Response (ETDR or EDR) – You could compare this IT strategy to having a security guard on-site in your building. ETDR actively monitors endpoints looking for suspicous activity. Potential threats are reviewed by security experts who provide steps to defeat them.
How to implement these active security strategies in your business.
- Application Whitelisting – This strategy delivers the highest level of security, however, it will also be the most intrusive to your business. You can secure your IT to the point of not being able to work. Carefully consider how it will impact your staff before implementing it.
- Sandboxing – If your business is using Microsoft 365 to host your email, adding a Microsoft Defender subscription for $2.00 per month gives you this powerful functionality. There are many other email filtering solutions available that will also include sandboxing capabilities.
- Endpoint Threat Detection and Response – Cybersecurity experts recommend adding this service to a small business security strategy more than any other. You can likely find a Managed IT Services Provider in your area that offers this powerful security service.
There are a few keys to making Endpoint Threat Detection and Response most effective for your business.
- Don’t just buy the software that detects suspicious activity. – Because your staff will be chasing their tail over alerts. You need a cybersecurity expert to quickly review the data and determine if the threat is real. They can then provide guidance around what should be done to stop it.
- Beware of too much automation. – Many ETDR systems isolate infected machines to keep a threat from infecting other computers on the network. The only problem is that false positives are possible and could shut down a computer. Choose a system that has a human reviewing actions like this before executing them or your productivity will suffer.
- Extend the protection to your Microsoft 365 accounts. – Because so many businesses are moving to the Microsoft 365 solutions, the plaform is a target for cybercriminals. If they gain access to an account, the possibilities are endless in how they can attack a business. Make sure that any ETDR service you select includes monitoring of activity on your Microsoft 365 accounts.
RSPN offers powerful security solutions.
If you need help solidifying your IT security strategy in your business, contact RSPN today. We help you determine what you already have that’s working while identifying potential gaps in your IT security.
We often identify unnecessary redundancies in IT security products being used in a small business. Eliminating these can result in reduced spending for your business.
Our process is painless and will guide you to safer grounds so you can protect your business from the growing threat of cybercrime.
In the meantime, you may also enjoy this free resource we are offering – The 7 Most Powerful Keys to Preventing IT Failures. You can download that here.