Just as history books in the future will define 2020 as the year of the pandemic, many businesses will remember 2021 for a different kind of threat, as the year of the cyberattack. Gasoline suppliers, insurance companies, municipal water treatment plants, the New York Metropolitan Transportation Authority, and even the Houston Rockets have all been victims of data breaches or ransomware attacks in the first half of this year.
While it’s primarily big businesses and high-profile hacks like these that make the headlines, SMBs are also targets for bad actors — costing them downtime, data, business, and revenue.
Cybersecurity threats are constantly evolving, and the risks aren’t diminishing any time soon. But there are ways to fight back. These four techniques can help small businesses protect their business, employees, and customers.
1) Educate employees. Data breaches from company insiders can cost a business up to 20% of annual revenue, and at least one in three reported data breaches involves a company insider.
Yet the same study found three-quarters of those insider data breaches are unintentional, meaning continually training employees on the latest threats is one of an SMB’s strongest lines of defense.
For example, phishing is one of the biggest threats to businesses of all sizes, and scammers have been particularly busy during the pandemic. Google, which alone blocks more than 100 million phishing emails each day, reported that in mid-April 2020, its systems were detecting 18 million malware and phishing Gmail messages per day related to COVID-19. SMBs must therefore educate employees on the dangers of phishing, stressing how easy it is to mistake those emails for legitimate ones and click the phishing link, and provide instructions on what to do if something seems suspicious.
2) Manage passwords and endpoints. One weak password, bad password management, or a few errant keystrokes on a suspicious website, and an SMB can find itself in the midst of a data breach.
To keep bad actors from coming in through the front door (that is, by entering a password), SMBs should require employees to select passwords that combine numbers, special characters, and uppercase and lowercase letters to make them harder to crack. They should also force password changes at predetermined intervals several times a year via system prompts.
Bad actors can also come in a side door, so to speak. Any connected device (i.e., endpoint) that isn’t properly secured offers a way into an organization’s network. Cybercriminals know how to exploit these openings, and they can get pretty creative. Hackers once attempted to steal data from a North American casino via a fish tank connected to the internet to feed the fish and regulate their environment automatically.
To protect their entire network — not just individual devices — SMBs can invest in sophisticated endpoint protection solutions, such as unified threat management (UTM), which constantly scans and monitors a network. In one package, UTM offers multiple security functions, including antivirus, anti-spam, intrusion detection, data loss prevention, and content filtering. This helps protect SMBs from blended threats, which are combinations of malware or other types of attacks that target different parts of a network simultaneously.
UTM also protects against attacks that slip in via unsecured devices, which even a business with a robust IT security team — like that North American casino — might have connected to its network, knowingly or unknowingly.
3) Enact solid policies and practices. Proactively codifying certain elements of a cybersecurity approach through policy and process ensures cybersecurity remains an ongoing priority.
Some examples include:
● A zero-trust framework: This is one of the most effective ways for organizations to control access to their networks because it assumes no trust in a network, device, or identity and requires those accessing resources to prove who they are. By separating the network and restricting user access, zero-trust security helps the organization contain breaches and minimize potential damage.
● Multi-factor authentication: Two-factor authentication is a subset of multi-factor authentication, which requires more than two pieces of evidence to authenticate that a person is who they say they are when logging in. For example, some access requires entering a code sent to a specific user’s device after entering their username and password. By enabling multi-factor authentication, SMBs can prevent unwanted access, even after a hacker has obtained a user’s login and password.
● Virtual desktop infrastructure (VDI): Particularly useful for SMBs with remote or hybrid work environments, a VDI gives employees the resources they need to work without exposing the underlying network to the threats posed by unsecured devices. VDI, often available via cloud-based offerings, renders an image and doesn’t download actual data to the device, blocking off unnecessary access.
4) Design an incident response plan. While it’s essential to mount defenses, preparing for a worst-case scenario well in advance is just as necessary. Reaction time is critical in the event of a data breach or attack, so SMBs shouldn’t wait until an incident occurs to develop a detailed incident response plan — in that scenario, it may already be too late to mitigate much of the damage.
A plan should outline what steps to take after a breach, including determining what was compromised, how the bad actor got in, and whether any data or personal information was taken. All of this will take time and research. Further steps may entail taking compromised systems or programs offline to prevent further disruption.
As another part of the response plan, assemble a cross-functional response team and assign roles and responsibilities as appropriate. While IT employees are usually the first to spring into action following an incident, functions like management, operations, marketing/PR, HR, legal, and risk and compliance may all have a role to play in an SMB’s response plan. This is especially true if it is necessary to report the issue to customers, suppliers and vendors, other partners, and law enforcement.
Proactive Planning Offers Protection
It’s an unfortunate truth: Large or small, no organization is immune to being targeted by hackers and cybercriminals, and bad actors will never stop trying to find a way into businesses’ networks and data. But with a strong, well-executed cybersecurity strategy, using these four techniques as well as others, SMBs have a better chance of keeping the hackers and attackers out.