In the new world of work, many SMBs have digitized the vast majority of their data and processes, and these digital assets present concentrated risk that has a larger attack surface than ever before. Terminals are increasingly diversified and distributed. No longer limited to PCs and servers, these are phones, cameras, printers, watches, smart speakers, and the list goes on. This has created a dire potential risk environment for cyberattacks that are becoming increasingly difficult to recover from and have greater repercussions. Businesses need to be smarter and act quickly to proactively address the threats they face.
With a continued rise in ransomware and phishing attacks targeting SMBs and the growing popularity of supply chain attacks such as the attack on Amital Data about a year ago, 2022 is expected to be a banner year in the landscape. SME cyber threats.
How can SMBs protect themselves against the hottest cyber threats?
Investments in security and protection technologies are a start for SMEs but are no longer enough. The building blocks of a well-thought-out cyber resilience plan are the ability to identify, protect, detect, respond to, and recover from cyber threats. It is important to address each of these elements when developing a cybersecurity plan to ensure rapid recovery and “back to business” in the event of a successful attack. Here are the 5 most important actions to take when preparing your SMB security stack for the coming year:
1. Ensure smooth and fast recovery – The basic assumption about cyber risk has changed – from asking “What if my business is hacked?” SMBs now have to ask “When will my business be hacked?” and “How will I recover from a cyber incident?”. The assumption is that all businesses will experience a cyberattack at some point, it’s only a matter of time. Therefore, organizations need to be prepared and build recovery capabilities on top of traditional security programs.
The reality is that ransomware is the number one threat in most cases with an average remediation cost of $569,729 for Israeli organizations, and unfortunately there is no foolproof way to prevent a ransomware attack. Even the best-protected and best-prepared organizations can fall victim to ransomware. Therefore, the first step companies need to take is to ensure the backup of all their digital assets. It is crucial to select a backup solution that allows easy recovery in case of ransomware. It is also important that the backup and recovery solution includes some protection against ransomware (for example, isolating infected data or avoiding backing up malware). Fortunately, there are backup and recovery solutions designed specifically for SMBs that don’t require special expertise to deploy or maintain and offer smooth recovery to allow for minimal downtime in the event of a cyber incident.
2. Detect and Respond to Threats – To ensure that malware is detected as soon as it enters the enterprise, one must have an antivirus. However, given today’s threat landscape, having traditional antivirus is not enough. SMBs should install more sophisticated endpoint detection and response (EDR) tools that would scan for malware and its behavior, identify it, alert it, and automatically provide immediate response in the event of a cybersecurity incident. The initial infection is not yet too late to prevent the ravages.
3. Prevent threats from entering your business – More than 90% of attacks reach victim organizations via email. As such, as a SMB, you need to ensure that you have advanced email threat protection (unfortunately, the standard protection from Google and Microsoft falls short). In addition to email, the risk of cyber threats being transmitted and propagated through other collaboration tools (Microsoft Teams, OneDrive, Google Drive, Zoom, Slack, etc.) continues to grow. Ideally, SMBs should choose a security solution that protects different channels but is managed from one place. This will ensure your business is protected while reducing overhead and costs. Again, there are products for SMEs that are simple to deploy and require no maintenance.
4. Train your employees on how to identify threats – Bad actors use social engineering and become increasingly sophisticated. To reduce risk, businesses of all sizes should conduct periodic phishing awareness training and ensure that their employees are aware of the threats and do not click on every link or file sent to them.
While it’s more common for ransomware attacks to go undetected, there are still ways to identify if a hacker may have impacted your devices. Asking employees to notify management if they see unusual changes in filenames, lock screens, or a pop-up with a ransom note can be key to isolating infected devices and mitigating risk.
5. Work with trusted vendors – As supply chain attacks become more popular and hackers often gain access to businesses through their vendors (particularly software vendors), it becomes more important than ever to select highly secure vendors and implement security measures throughout their development process. After all, you don’t want to be one of the victims of incidents like the REvil ransomware attack that spread via Kaseya’s software to thousands of SMBs last year, or the SolarWind attack that affected even most protected organizations in the United States.
Cyber risk for small and medium-sized businesses exists and continues to grow. The sooner you act to protect your business, the better. Assuming most SMBs don’t have an in-house information security department, the best way to ensure your security is to work with a Managed Service Provider (MSP) or Managed Security Service Provider ( MSSP) that can help you navigate and make critical decisions. corporate protection measures.
Rotem Shemesh is Senior Product Marketing Manager, Security Solutions, at Datto
