While no business is immune to cybersecurity attacks, small and medium sized businesses are especially vulnerable. In a survey conducted with small to medium business owners in late 2021, 42% of business owners suffered a cyber-attack in the last year. Additionally, according to the U.S. Small Business Administration (SBA), 88% of small business owners feel their businesses are vulnerable to cyber-attacks. Small to medium businesses remain attractive targets for cyber criminals because they have information criminals want and often have weaker security infrastructure compared to larger businesses. This means it is more important than ever to ensure that SMBs practice good cybersecurity hygiene.
Good cyber hygiene practices:
1) Install a password management system. By creating strong, unique passwords for every service you use, password managers encrypt all your data behind one “master” password for ease of use.
2) Require training awareness for employees. Attackers increasingly target the people within the organization, searching for human vulnerabilities. Ignoring the role your employees play in your cybersecurity risks can be extremely costly and dangerous.
3) Have immutable backups installed. The benefit of this is having an untouched version of your company’s data that can always be recovered and is safe from cyber threats.
4) Ensure the latest patches have been installed. Patching is important because it helps to reduce your organization’s cyber risk by fixing vulnerabilities susceptible to cyberattacks on your network’s applications and software.
5) Have a firewall in place. A firewall is a security system that filters traffic coming into your network from the Internet, Cloud, and Dark Web. Properly installed firewalls block hundreds of malicious threats every day, and we believe they are a critical component to all cyberattack preventative measures.
Methods to improve cybersecurity posture:
6) Requiring multifactor authentication (MFA). MFA provides an additional security layer, decreasing the likelihood of compromise due to employees having to approve a sign-in attempt on their mobile devices.
7) Practicing vulnerability management. This addresses what happens after your network and application vulnerability scans take place. It not only identifies the vulnerabilities, but also prioritizes them and shows how your vulnerability program is performing over time. Vulnerability management is vital for companies to prioritize threats and minimize their “attack surface”.
8) Hiring a virtual Chief Information Security Officer (vCISO). A vCISO enables organizations to benefit from the knowledge and expertise of a Chief Information Security Officer without having to pay for the service full-time. A vCISO analyzes your company’s information security risk holistically, bringing confidentiality, integrity, and availability to your most crucial data.
9) Developing an incident response plan and testing it via a tabletop exercise. By having a response plan in place, security teams can more effectively mitigate attacks, reduce response times, gather digital forensic data, and restore operations sooner. Furthermore, incident response plans should be tested via a tabletop exercise at least annually to ensure there are no issues with the plan, and all parties involved understand their roles in the event of an incident.
10) Performing penetration testing. Penetration testers adopt the role of “attacker” and mimic a real attack, attempting to exploit your known vulnerabilities. This testing provides the information needed to improve the security of your device configurations, applications, and network so when a real attacker tries to break in, they are unsuccessful.
11) Practicing least privileged access. This is a cybersecurity concept in which an employee is given the minimum level of access necessary to perform their role properly. This is important because it reduces a company’s “attack surface” and can stop the spread of malware.
Once those are completed, the organization should be able to detect and react quickly to a cyber-attack and thus mitigate any potential effects of the attack. Regardless of size or industry, no company is immune from cyber-attacks, so having proper cybersecurity protocols in place are essential. Well established protocols can help prevent—or lessen the impact of—attacks. Even on a budget there are a few basic hygiene measures (like a password manager) you can implement to keep your company and systems secure.
Content originally written by Blue Team Alpha and has been reposted here with permission.