Cybercriminals only have a few reasons to ply their trade: financial and political gain, disruption, destruction, revenge, and notoriety in their community. According to the Small Business Association, there are 28.8 million SMBs in the US, and they employee 56.8 million employees. SMBs defined as less than 1,000 employees comprise 99.7% of all US businesses.
It is important to remember cybercrime and cybercriminals have been learning and perfecting their craft over the years. They have been organizing and discovering that cybercriminal enterprise is profitable and low-risk. They have been building full-scale organizational infrastructure, including HR departments, call centers, C-suite, finance departments, and the like. They have goals, quotas, P&L statements, business plans, and management structure to ensure success. They are recruiting to expand their reach, they are setting up secure financial payment systems, and they are reselling malicious code and ransomware kits to anyone that would seek to use technology to extort money and data for profit.
Follow the Money
Who is the target? Is it more profitable and less risky to attack a Fortune 500® company or to attack 1,000 SMBs? To answer this, you need to weigh the risk against the reward. First, the Fortune 500 company is likely to have advanced security, the latest in security information and event management (SIEM) tools, a security operations center (SOC), highly trained engineers, and a top-10 cybersecurity company to back them up. Attacking a Fortune 500 or government installation is far more difficult, holds increased risk and less profit.
On the other hand, the SMB market is a somewhat risk-free cash cow. A fairly inexperienced hacker can attack a large number of SMBs with little risk, higher payment return, less law enforcement interference, and almost no chance of retaliation. Why? Because SMBs are not prepared and in many cases apathetic. It will never happen to me—that’s something that happens to the other guy. Even with the best-known statistic in cybersecurity staring them in the face—60% of all SMBs that suffer a breach are out of business within six months—they still have not included cybersecurity protection in their budgets.
SMBs are low-hanging fruit to cybercriminals. Expect to see a dramatic increase in SMB attacks of all types in 2018.
Small- to medium-sized businesses can reduce their risk significantly by participating in cybersecurity awareness training. Statistics show that 90% of all breaches are caused by human error. Investing in a security awareness training program is one of the most affordable and effective ways to reduce risk.
The days of gathering groups of employees for bi-annual trainings are over. New cybersecurity training platforms include online, module-based courses specifically designed for various industries. The training is continuous, using a train/phish/analyze cycle that significantly reduces careless clicks that can lead to breaches.
As SMBs become the primary target for cybercriminals, they must begin to utilize backups for protection. According to Smallbiztrends.com, 58% of SMBs are not prepared for data loss, and 60% that lose data will be out of business within six months.
The good news is that those preparing for data loss are doing it correctly. Again from Smallbiztrends.com, 84% of those currently using cloud backup use both online and onsite cloud backups and 68% of those are testing their backup systems weekly or monthly.
2018 is the year SMBs will begin to recognize the value of a strategic backup plan. Backing up your data has become very affordable and will offer peace of mind unlike any other strategy you can implement.
Here are a few thoughts to get you started on your way to developing a solid backup plan.
There are a number of ways you can create backups: you can make copies on your desktop, upload to the cloud, save to an external hard drive, or any combination of these. The details of backing up data is where the complexity arises.
You have to make some decisions about your business with regard to backups, such as: cost, how long data is unavailable, how much data you are willing to tolerate losing in the case of a disaster, what data is necessary to backup, etc.
Here are some basic decisions you have to make about backups:
If you have onsite backups, recovery can be faster, and backups can be very inexpensive. If you are relying on offsite backups, the cost of backups will rise, but you will have more security in the case of threats like fires and natural disasters.
In other words, do you wish to have external hard drives or servers, do you want to automatically back your data up to the cloud, or a combination of both? Check out the backup rule of 3.
Some industries require you to store data anywhere from three to 18 (or more) years. If you are storing data for many years, you will need to have a plan in place to store that data. And you’ll want to make sure that it is protected and stored in a climate-controlled environment.
Most businesses need a plan for unexpected situations because, unfortunately, those situations are likely to arise. By being diligent about backing up your data and keeping proper copies, you will help ensure you are covered in almost any event. And you’ll help keep yourself in business while remaining profitable.
Antivirus (AV) solutions have evolved through the years. As the threat landscape has grown and changed, so have the ways we use AV to protect us. If you are an SMB in 2018, it is time for you to review your AV solution. AV technology has changed dramatically to meet the needs of today’s threats.
According to Securelist.com, today’s threats are more complex than ever before. Much of today’s malicious code—and this includes a wide array of Trojans, exploits, rootkits, phishing scams, spam, and spyware as well as classic viruses and worms—is purpose-built to hijack users’ machines to make money illegally. “The connectivity provided by the internet means attacks can be launched on victim machines very quickly, as widely or selectively as malware authors, and the criminal underground that sponsors them, require.” Malicious code may be embedded in email, injected into fake software packs, or placed on web pages for download by a Trojan installed on an infected machine.
For an SMB trying to do business and stay safe from both inside and outside threats, today’s AV tools can be complicated.
Here are a few questions to contemplate when considering your AV for 2018:
2018 is the year to begin building a culture of security in your business. As users of technology in the 21st century, we must arm ourselves against those that would do us harm. Arming ourselves means taking responsibility for our digital lives. It means using our collective intelligence as a weapon to defeat those that would take our freedom by stealing the integrity of our information and the lifeblood of our businesses.
Building a culture of security is a top-down process that includes everyone—from your board of directors to your shipping department. It requires security conversations, training, knowledge, teamwork, and understanding. It is a “stop and think instinctively” challenge. Building a culture of security in 2018 will pay untold dividends for the future.
[Check out the blog that we just wrote about this—Cybersecurity is a Community Responsibility]
Finally, here is your catch phrase for 2018: “If you’re connected, you must be protected!” Remember it; it could save your business.
Rick Miller is COO and Partner of The Tek, an MSSP specializing in risk assessment, risk mitigation, protection, and education to SMBs. Rick is a long-term veteran in the IT industry. His success has been founded in propelling start-ups and turnarounds to success and profitability. His experience has helped to grow multiple companies from start-up to profitability.
© 2017 SolarWinds MSP UK Ltd. All rights reserved.