Be informed, be secure
Written By: Jared Froehlich, Security Account Manager
The paranoia surrounding cyber crime attacks is rising, almost as quickly as cybercrime itself. According to research from the Ponemon Institute, nearly half of all SMB’s suffered a data breach in 2015. In fact, The Business Journals’ latest SMB Insight study showed that over 550,000 SMB’s are projected to fail in 2017 due to a cyber attack.
If you are the person responsible for safeguarding important data at a small to medium sized business, this may bring to mind some horrific scenarios right about now. The Insight report also finds that 60% of SMB’s will fail within 6 months of a cyber attack, due to losses. To help illustrate, take out a coin and give it a flip. Heads: you escape; tails: you suffer a breach.
How Secure are You from a Cyber Attack?
When it comes to security, organizations can be caught unaware as to whether or not they are going to draw the short straw. I am here to tell you that your chances are a lot less random than a coin flip. The majority of the companies that tank are the ones that don’t take action to proactively defend themselves.
Wonder where your company stands in regard to security? This will provide clarity. Here are the biggest warning signs that your organization could be a victim of a cyber attack.
Red Flag #1: Overall Resistance to Security
“We should be fine.” “We’ve never needed this much security in the past.” “Who would steal from us?” “We’re too small.” “We’ll take our chances.” We hear these famous last words all too often.
As the attackers become smarter, more persistent, and more numerous, they are going to feast on the companies that don’t continue to evolve their security stance. It’s easy for organizations to get comfortable and not want to make any changes. They cannot rely on “what they’ve always done” in regard to security. The stakes are way too high.
Red Flag #2: Gateway Security Not Managed or Monitored Consistently By Experts
The days of plugging in a firewall as simply a piece of infrastructure are over – at least they should be. Think of the White House. There must be a team that fully protects its perimeter. This entails a huge fence with spikes at the top, security cameras strategically in place, and security experts who regularly monitor the activity. As the White House needs perimeter defense, businesses need their networks protected.
Firewalls need to be correctly configured, the logs and firewall activity require regular review and those in charge of this need to be specifically trained in firewall security. All too often, companies rely on subpar technology that is misconfigured, along with overworked IT people without the necessary expertise or time to do the job right.
Red Flag #3: Failure to Regularly Scan Your Network for Vulnerabilities
How can you protect what you don’t know about? If someone wants to break into your network, they’ll run a quick scan looking for all penetrable openings. These are the low hanging fruit. With hundreds of new exploitable vulnerabilities coming out every month, these scans pay off for someone with malicious intentions.
The findings are used as easy points of entry and can come through security misconfigurations, out of date software, open ports, new devices brought in that you don’t know about, etc. Companies are asking for trouble if they aren’t doing weekly or monthly scans of their network along with remediation of the holes discovered.
Red Flag #4: Antiquated Methods of Stopping Malware
With malware causing the nightmares that it has over the past couple of years, it is no surprise to see it showing up in this article. Many forms of malware, have been terrorizing the world. Have you heard of ransomware and the horror it has inflicted? A simple search for “malware stats” can make any business stakeholder tremble.
Simply put, bad guys can now easily get past legacy antivirus solutions, effectively rendering them useless. Moving into 2017, any company relying on the traditional methods of stopping malware, such as using signatures or behaviors, is opening themselves up to being another name on the victim list.
Overcoming the Red Flags
Though that list has grown substantially over the past few years, companies don’t need to live in fear. If you find yourself with any of these red flags, there are proactive security steps that can and must be taken. From now on, no company should live in fear. We are here to help.