One of the best investments businesses can make is in cybersecurity. Cybercrime is expected to skyrocket over the next four years, causing $6 trillion in damage by 2021. All businesses are potential targets, and the unprecedented financial incentive for hackers around the world has spurred rapid development in cybercrime.
Staying ahead of the technological curve may seem impossible, but that doesn’t mean your business is doomed. A never-ending pursuit for security can minimize your chances of catastrophic data and financial loss.
Why Cybercrime Is the Next Big Threat
Our ever-increasing reliance on digital systems constantly creates more opportunities for hackers to exploit, and recent changes in credit card and email security increase the rate of online identity theft and other cybercrimes. Even businesses with substantial time and money invested in cybersecurity can be victims of these types of crimes.
Random attacks are increasingly less common. Intentional cybercrime approaches, like “whale phishing” campaigns against upper-level business managers, are on the rise due in part to the increasing security in “softer” targets, such as credit cards. Hackers are upping their game, and unprepared business owners are paying the price for this new threat.
Why Traditional Cybersecurity Measures Don’t Cut It
Businesses are increasingly acting against cybercrime, but breaches are still common because hackers are getting smarter and circumventing traditional cybersecurity steps. In a survey conducted by the Better Business Bureau (BBB), 93 percent of small businesses have heard of at least one of the six most prevalent cybersecurity risks, and nine out of ten have at least some cybersecurity measures in place.
Additionally, BakerHostetler reports that 31 percent of successful breaches occur through phishing scams, and another 24 percent of breaches result from human error. Losses from these errors are considerable; the BBB reports that the average company loses over $79,000.
What the Best Defense Is
Reducing your vulnerability to a cybersecurity breach starts with understanding the threats your company faces. Cybersecurity is an iterative process; it’s best to revisit your security practices often and learn from your successes and mistakes. Employee trainings and cybersecurity practices can aid in your defense against an attack.
Employee Training
Proper employee training is an essential part of your business’s cybersecurity. It only takes one successful breach, like an employee accidentally submitting information through a phishing scam, to bring your business to a screeching halt. And hackers are always employing new techniques to trick unsuspecting individuals into providing an entry point into your databases.
You should train your staff to recognize common social engineering techniques. Also conduct regular threat assessment workshops to ensure employees can recognize common techniques like phishing scams, ransomware, and phone scams.
Cybersecurity Practices
Implementing new cybersecurity routines into your business’s daily operations can increase your resistance to a breach.
- Monitor vulnerability reports such as the National Vulnerability Database or the CERT Vulnerability Notes Database regularly.
- Use Google Alerts or RSS feeds to stay on top of national security breaches.
- Keep track of successfully thwarted attacks, and share any vital security information internally.
- Require two-factor authentication and stronger passwords.
- Use encryption software to defend against common viruses.
- Consider hiring a cybersecurity firm to assess your company’s vulnerabilities.
- Investigate the security practices of any outside vendors your company interfaces with.
Why Total Protection Is Impossible
Ultimately, it’ll be difficult for your business to be totally protected from a breach. For example, phishing attacks can affect even the most tech-savvy and well-trained individuals. Hackers are constantly innovating the practices they employ to breach your company’s defenses, and it’s impossible to address every vulnerability at the same pace cybercrime advances at. Intrusions are also notoriously difficult to spot—the average detection time is 146 days.
How to Rethink Protection
Instead of relying on traditional measures to protect your company from a security threat, rethink what protection looks like. For example, the BBB recommends risk management instead of risk mitigation for protecting your business and measuring the cost effectiveness of your security measures. To ensure you’re getting the best service for the cost, calculate the cost effectiveness of different cybersecurity protection services.
Preventing data loss is just as important as assessing risk. Only 35 percent of businesses can remain profitable for three months if essential data is lost in a breach, and losing the trust of your customers can be even more costly.
There are multiple steps to incident response and recovery, and the first thing you should do is never assume your business couldn’t be a target. All businesses are potential targets, no one is below, or above, notice.
In a report by SANS Analyst Program, only 9 percent of those directly involved with incident response indicated that their incident response processes are “very effective”. The two biggest complaints had to do with not having enough time to practice the plan, and not having the necessary budget for tools. Yet, even with such a low confidence, 61 percent of those surveyed reported that their company had experienced at least one major incident between 2012 and 2014 alone. Incidents included: data breaches, unauthorized accesses, DOS attacks or malware infections. Unfortunately, that number is only expected to rise.
Small businesses aren’t immune either. Even when SANS only took businesses with less than 100 employees into account, the amount that experienced a critical incident remained consistent at 61 percent.
Quick Action and Regular Backups Are Your Friend: A Case Study in Preparing for the Worst
Jordan Drake, an IT Manager at a small business in Salt Lake City, Utah, had an incident response plan in place when a PDF file that contained CryptoLocker attacked an employee’s computer. CryptoLocker encrypts files on a desktop so that, for example, if you needed access to a vital Excel sheet you’d be at the mercy of the ransomer. After paying a fee via anonymous avenues, you might get a password in response, or you might be out of luck. Drake had precautions in place ahead of time as he knew that employees often received PDFs from clients, but one wrong click and they could have an incident on their hands. Which is exactly what happened.
In this case, the computer only had access to that single department’s accounts and it was immediately disconnected from the network, Drake was notified, and in what could have potentially cost the small company huge data and financial losses only caused one employee to lose a day of productivity. Since the systems in place were set to back up data at specific times to a cloud management system, minimal data was lost that couldn’t be restored after a complete computer restore. What could’ve been a catastrophe was mitigated to an annoyance through proper planning.
Tips for Minimizing Loss
Unfortunately, you can’t know the true value of incident response until you experience a breach. But, you can prepare now to minimize loss. Assign someone within your company to be the lead on incident response. Clearly define roles and bring in a third-party firm in if necessary to help you start making the right steps.
Keep detailed logs of what runs on your systems. In the case of a breach, you can go back to see what was accessed, taken, or left behind. It’s important to not only identify how and where the breach occurred, but also what was taken and potentially left behind. It would be unfortunate to look over a backdoor being left for the attacker to come back at a later time to take what they passed over the first time.
Know who to alert and when about the breach, even if the initial attack is over and the vulnerability is patched. It’s important not to sweep incidents under the rug and pretend like they never happened. Be sure to alert executives, shareholders, customers who were affected, etc. From there you need to revise and update your incident response plan. Take an honest, hard look at what went right and wrong in the process and use that information to improve your plan going forward.
While enhancing and maintaining your business’s security may seem like a tough feat today, it’s still possible. Work with qualified experts, both in and outside of your organization, and stay abreast of industry developments to make protecting your bottom line, your employees, and your customers as easy as possible. While planning up front may seem like it’s too expensive, it’s much better than the alternative of losing your business altogether.
About The Author
Shea Drake is a tech aficionado and expert in business development, growth, and cybersecurity. Based in Utah in the United States, when she is not writing about technology she's an avid photographer who loves to travel.
Note: This blog article was written by a guest contributor for the purpose of offering a wider variety of content for our readers. The opinions expressed in this guest author article are solely those of the contributor and do not necessarily reflect those of GlobalSign
