Six Steps to Better Cybersecurity for Your Business

Closing the Security Gap for the SMB World and Why You Should Read this Article

Article by Matt Coker – Solutions Architect Specialist

 

• Almost 50 percent of small businesses have experienced a cyber attack
• More than 70 percent of attacks target small businesses
• As much as 60 percent of hacked small and medium-sized businesses go out of business after six months

#1 – The Skills Gap
Let’s face it. You’ve only got so much money to spend on IT and cybersecurity. And cyber security experts are expensive, when you can find them. Worse, they are very much in demand, which can make keeping them around difficult – or impossible.

You’re not alone – but that’s not helping:

Among respondents to a survey of security professionals conducted by ISACA, the non-profit IT advocacy group, three in five organizations have unfilled security positions, while 54 percent take three months or longer to fill each such opening.

Two things you can do now:
• Automate as many repetitive mundane IT tasks as your environment will allow. Start with those directly related to security, such as password reset scheduling and scans for software vulnerabilities and needed patches. Automation reduces human error and consistently applies processes. Both can improve cyber security.
• Partner with trustworthy experts that can provide the day-to-day monitoring, threat detection, and response that can make the difference between a catastrophic intrusion and one that is barely noticeable.

#2 – The Alerts Gap

Alerts are good. Each warning and notification can be the difference between a minor incident and a business-hobbling disruption of your critical IT resources. But there can be too much of any good thing, even alerts.

Alerts: a race you aren’t winning – and can’t afford to lose

• “Currently, over a third of mid-sized organizations surveyed (37%) are still investigating alerts manually, and a shocking seven percent – as many as over 1,200 US medium-sized businesses – are doing nothing with the alerts they receive. On average, of the alerts that make it through the current security tools these organizations have in place, fewer than 20 percent are actually investigated.”

Two things you can do now:
• Define and implement processes for triage of alerts from your most critical IT infrastructure elements, to ensure that at least those alerts are handled in a consistently timely fashion.
• Engage a knowledgeable team of experts to monitor, analyze, and report on your cyber security alerts. This can transform the data generated by all those alerts into information that will help protect your company much better and more cost-effectively than trying to do it yourself.

#3 – The Vulnerability Gap

Each month, leading software vendors announce patches or updates intended to address newly discovered vulnerabilities in applications and operating systems. In theory, once a patch is made available, businesses using the affected software install the patch and are then protected from the vulnerability.

Reality almost never aligns with this theory.

In 2017, the highly publicized WannaCry ransomware attack affected more than 230,000 computers around the world. Microsoft had released a patch that addressed the vulnerability successfully exploited by WannaCry two months before the attack, according to numerous published reports.

In May 2018, TSMC, a major supplier of chips to Apple and other companies, had its fabrication plants shut down after its computers were infected by a variant of WannaCry. The company blamed the infection on a “misoperation during the software installation process for a new tool.” The attack reportedly resulted in the company announcing a three percent revenue hit. Given reported and forecast 2018 revenue figures for the company of nearly $35 billion, the attack cost TSMC a bit more than $1 billion.

Two things you can do now:
• Identify the elements of your IT infrastructure most critical to your business, and ensure that at least these are patched and updated as soon as possible after patches and updates become available.
• You can’t fix what you don’t know is broken. Work with a managed service provider (MSP) with the tools and expertise to help your business craft a detailed vulnerability assessment and an effective cyber security plan.

#4 – The Tools Gap
When you can’t just “throw people at the problem” of inadequate cyber security, technology would seem to be a worthwhile alternative. And investing in more and better tools is often a good idea. However, it can be a challenge to wade through a sea of competing alternatives, let alone to choose one, then successfully integrate it into your current environment. In fact, if your business is challenged by limited skills, resources, or both, it can sometimes be impossible.

Choosing the right tools for the job: It’s a job

• “42 percent of IT pros plan to buy additional tools – 54 percent reported seeking security monitoring tools that identify existing vulnerabilities and high priority incidents on the network.”
• Among mid-sized companies, “almost one in five (17%) are dissatisfied with their current solutions.”
• “The tools employed by smaller businesses put a significant burden on their IT teams – 37 percent of businesses with between 250-499 employees are manually investigating all logs and alerts.”

Two things you can do now:
• Work closely with your incumbent solution provider(s) to ensure you are getting optimum functionality and maximum business value out of your current security investments.
• The solutions you choose must not only work, they must work well together. Partner with a company that builds solutions from the ground up designed to meet the unique needs of your business in a seamless manner. Outsourcing management of your solutions portfolio can provide both a great return on investment and peace of mind.

#5 – The Permissions Gap

Users. You can’t have total cyber security with them, and you can’t run a business without them.

Unmanaged privileges and connections not permitted

Experts at organizations such as the U.S. National Institute of Standards and Technology (NIST) and the Center for Internet Security (CIS) agree. Four simple steps can protect against up to 85 percent of threats.

Those steps:
• Application white-listing (only authorized apps run);
• Timely patching of operating systems;
• Timely patching of applications; and
• Restriction (or management) of administrative privileges.

Two things you can do now:
• Recognize that threats can come from many different places. Even inside your company. Establish and enforce processes for regular inventories of your environment, to minimize unauthorized and poorly protected software and retire no-longer-needed administrative privileges.
• Implement “perimeter defenses” that challenge and deny software and privilege requests that don’t comply with company security requirements. Work with a knowledgeable partner to achieve and sustain comprehensive protection of that perimeter, especially as it grows and changes.

#6 – The Education Gap

Users are paradoxically both the weakest link in your cyber security and your first line of defense, because even the most sophisticated technology in the world can’t protect perfectly against every user mistake or intentional attack. Only consistent, emphatic, and repeated education can maximize user vigilance. But unfortunately nothing is perfect in cyber security.

User education: necessary, but not sufficient

The 2018 Verizon Data Breach Investigations Report (DBIR) identified more than 53,000 security incidents and more than 2,200 successful breaches across 65 countries in 2017. The most recent DBIR survey found that errors by authorized users “were at the heart of almost one in five (17%) breaches.”

Two things you can do now:
• Ensure that your users are both “book smart” and “street smart.” Implement comprehensive, frequent, regular education efforts about phishing for your users and partners, including occasional fake phishing emails and reports on the percentage of recipients fooled.
• Consider hosted services that provide multiple protections for your email and other digital assets, and that monitor those protections for rapid detection, review, and remediation of attempted breaches.

Summary:

One size does not fit all.

Many small to mid-sized businesses (SMBs) struggle to work out the right security strategy for their business. SMB leaders, potentially with less expertise in-house and fewer resources — and focused on growing their business, not cyber security — often look for a “silver bullet” tech solution to defend against attacks. SMB leaders should instead look to the overall business strategy to guide them in developing a complete security solution. Business strategy must be kept in mind when creating a security strategy, to ensure long-term security and company alignment.

The near-constant drumbeat of new, “sexy” IT and security technologies can often be a distraction and a hindrance, not a help.

At Champion Solutions Group, we help guide each client through the creation of a security strategy that is driven top-down, not bottom-up. That strategy should align with and support your business proposition and be customized to your company’s individual needs.

We help protect a multitude of businesses by providing world-class cybersecurity to many companies. It’s clear that every organization, big and small, is a target. Whether you have fifty or five hundred thousand employees, Champion can provide the right level of support at a price point that fits your business.
