Cybersecurity: Protecting Your Business Against Cyber Attacks
Does your growing Maine business need to worry about cybersecurity and cyber threats? In the past, only large corporations were being attacked, but as they ramped up their IT staff and security measures, cybercriminals turned too small to medium-sized businesses in every corner of the world. No business is too small or too remote to be targeted.
If the last year has taught us anything, it’s that we need to be prepared for the possibility of a life-changing (or business-changing) event. While this doesn’t mean living in constant fear of the unknowns and “what-ifs”, it means that business owners need to make sure they’re putting certain protocols in place to protect themselves, as well as their employees.
While advancements in our online capabilities have provided infinite opportunities for business, they have also come with an entirely new host of problems; perhaps the most pressing is the increasing amount of cyber-attacks occurring across all industries.
So, how can your business stay protected online? To learn more, we spoke with Rob Simopoulos, Co-Founder of Defendify, the all-in-one cybersecurity platform that makes cybersecurity accessible to all organizations. Rob shed some light on who is most at risk, how to spot an attempted cyber-attack, and how to prevent those attempts from happening in the first place.
Hi Rob! So, how does your company help protect businesses against cyber-attacks/threats?
Defendify is an All-In-One cybersecurity platform designed for organizations that do not have internal security teams. We enable small/midsize organizations to implement a comprehensive cybersecurity program that is cost-effective, automated, and backed by cybersecurity experts.
Should smaller companies worry about hacking?
Smaller companies should understand that they are as much a target as enterprise organizations. Criminals don’t discriminate based on business size; they are attacking all businesses with the primary goal of profiting from their crimes. Unfortunately, most smaller organizations have not implemented comprehensive cybersecurity, which makes them easy victims of cyber-attacks.
What are some of the biggest cyber threats or scams you’re seeing these days?
There are many we see every day, but I will share a couple with you.
Business email compromise is a continued issue. This is where an attacker successfully compromises a person’s email account, such as the company’s Finance Manager. The goal after taking over a Finance Managers email is often wire transfer fraud. Once they are in their email system, they can act like them and try to convince customers to change invoice payments to the attacker’s bank account. The challenge here is that the customer receives emails from a valid email account; that seems like it is the Finance Managers. If the customer falls for the fraud, they will send payments to the attacker’s bank account, and the incident will go unnoticed until the collections process begins.
Another serious cyber threat we see is ransomware. An attacker locks down an organization’s IT systems and networks and demands a ransom payment in exchange to unlock it. In most cases, the company cannot reverse the ransomware, so they must begin to wipe systems and implement backups if they have them. The downtime and costs associated with ransomware can be devastating to an organization. Recently cybercriminals have upped their game and now pair ransomware with removing sensitive data from the victims’ systems and publicly threatening to post the data online if the company does not pay the ransom.
Can you share what can happen after a security breach?
In the case of an incident like ransomware, companies will often need to bring in cybersecurity experts and forensic teams to contain the infection and begin to remediate systems. This process can cause significant business downtime. For example, we recently we spoke to a company that spent over a month bringing its systems back to full capabilities after suffering a ransomware attack.
After one of these incidents, there may be significant financial losses suffered by the organization, so having proper cybersecurity insurance in place to assist is essential. It is also imperative that companies work with a data security attorney to assist with the legal side. There may be a loss of sensitive data to the attackers in some incidents, including information about customers, employees, or even personal health information. A data security attorney can guide an organization properly to navigate these situations as there are complicated reporting requirements in some states and for industries under compliance.
Why is cybercrime so prevalent, and why can’t it be stopped?
The internet has no boundaries, and there is no way to stop all attacks directly. Adversaries have an unlimited means to launch attacks, with digital methods to hide who they are and where they are located. These cybercriminals are worldwide and, in most cases, in places where our enforcement agents do not have authority. Criminal gangs orchestrate many of these larger-scale attacks you read about in the news, and in some cases, even government entities sponsor some.
Even though there is no guaranteed way to stop all attacks directly, organizations can put cybersecurity in place to dramatically decrease their risk. In addition, they should implement incident response plans to help recover quickly from an incident.
What safety measures can a business put into place to prevent a breach in security?
I highly recommend building a program of comprehensive layers of protection. The concept that you simply install anti-virus software on your computers and a firewall at the perimeter of your network is not enough today to protect an organization.
Companies today need to implement a full cybersecurity program that includes the following:
- Developing internal policies and Incident response plans
- Conducting employee cybersecurity training
- Hiring ethical hackers to attempt to break into networks and systems with reports outlining weaknesses discovered.
- Conducting regular vulnerability scanning of systems.
- 24/7 cybersecurity monitoring of computers and networks by experts who can respond to malicious activity.
These types of controls are just a few examples of the layers needed to get a solid program in place. The great news is that programs like these are now available for smaller organizations and are within reach from financial investment, deployment, and management.
If human error enables most cyber breaches, how do companies teach employees how to spot a threat?
Research shows that 90% of cyber incidents involve human error, so ongoing employee awareness training is a key component of a cybersecurity program.
As an example, we see cybercriminals sending phishing emails towards email users trying to trick them in to launching malicious websites or files, which can often fool a user into entering their password or for malware to be installed on machines. These phishing emails can be tricky and look like they come from legitimate sources, so having your team educated on identifying phishing attacks is a crucial strategy.
What type of measures should be in place for a proactive cybersecurity awareness training program?
There are many ways we see organizations implementing cybersecurity awareness training programs.
One way is through phishing simulations. This process is where the organization sends simulated phishing emails to their internal users that look just like the emails criminals send. If a user clicks on a link or opens a file, they will be asked to perform on-the-spot training. This training technique allows administrators to train users on real-life email attacks before the attacker reaches them. Organizations that deploy these types of tools begin to reduce the number of users interacting with these emails over time.
Another way is through ongoing cybersecurity awareness training videos often sent monthly. Most videos today can be fun and very interesting, with storylines users can follow. They vary on educational topics, including spotting phishing attacks, verifying fraudulent phone calls, and detecting wire transfer fraud. Users watch the videos and then answer a quiz at the end. These types of trainings ensure your users get continuous cybersecurity training and check the box on compliance and HR requirements.
How can an employer ensure their business data is safe from cyber-attacks with so many people working from home?
One of the key items I recommend is that employers provide all users company-owned computers to use for work purposes. This approach allows an organization to deploy all the required cybersecurity protection and monitoring software on those machines without the risk of having someone’s unprotected personal computer being used for work purposes.
Also, technology use policies should be developed and then reviewed/signed off by all computer users in the organization. Since we are not all trained on cybersecurity properly, a good policy should clearly outline how users are expected to use the computer, software applications, make strong passwords and any restrictions that are in place with the use of the computer.
What advice would you give businesses that haven’t started any cybersecurity programs so far?
What a better time than now? It’s not too late to get started, and you can begin to deploy a cybersecurity program in stages based on needs and budget.
A great place to begin is by conducting a cybersecurity assessment on your company so you can see where you have strengths and weaknesses. This can be a self-assessment done internally or from a 3rd party. Once the assessment is complete you can begin to make improvements in the weak areas.
All of us here at Defendify would like to help, so here are three free tools to help you start. It includes a cybersecurity assessment tool, a vulnerability scanner to help you check your network, and our threat alert system.