Oct 2, 2019
October marks the 15th year since the Department of Homeland Security created National Cyber Security Awareness Month (NCASM). Each year, security experts and organizations work hard to address cyber security issues and trends in types of attacks. Despite this, cyber crimes are on the rise, specifically attacks against small and medium-sized businesses.
The news may publicize the issue of hackers and data breaches in large companies, but 58% of cyber-attack victims are small businesses, according to Verizon 2018 Data Breach Investigation Report. The report also states that a quarter of these attacks are caused by people inside organizations, though it is not clarified if these attacks are intentional or not. Cyber-attacks on small and medium-sized companies can cost more than 2 million dollars in damaged IT assets and operational downtime. Small businesses are often targeted because they tend to lack security resources of larger companies, even though the criminals might not be able to extort them for as much money.
As IT professionals work to address the common gaps in cyber security, criminals work to develop new and more creative ways to access your private information. File-less attacks, for example, are 10x more successful and much harder to trace than methods such as ransomware and are increasing in number as a response to stronger security measures against former tactics. Criminals utilizing file-less techniques do not require software or files, they simply hijack current software that is often already built into Windows like Adobe Flash. They will begin when an unsuspecting employee clicks on a suspicious link, often sent through emails, and through there the hackers will take control and make the computer turn against itself.
This year alone, several major companies experienced data breaches that cost over 300 million dollars. These data breaches should have been prevented through employee education and stricter cyber security methods.
There is no one way to prevent cyber attacks, instead, experts recommends utilizing several locks and measures to avoid being attacked. For example, moving your information to the cloud might seem like the safe solution to secure your network, but if the best cyber security practices are not implemented with the technology, cyber criminals can still be a threat. Promptly updating and patching applications and operating systems, changing your passwords often, and continual training of your staff are all just as valuable to the security of your data as your monitoring tools and backups.
Small and medium-sized businesses have an advantage when dealing with some of the issues of cyber security, awareness being one. A smaller company can better inform team members of problems to look out for, and prevention methods are easier to enforce. A small company can also benefit from outsourcing security and backup data solutions to IT specialists for much less than a large company or building a security team in-house.
Concerned about your organization's security? Schedule a network assessment today OR contact one of our certified network security engineers with your questions.
