In today’s world, it may be tempting for smaller
businesses to avoid addressing cybersecurity when it’s often large,
well-financed corporations that are making headlines for experiencing data
breaches. That may explain why smaller businesses, a market segment where
more than 50 percent of companies do not have a strategy to address IT security,
are particularly vulnerable.That sort of thinking
doesn’t serve them well at a time when threats are increasing and becoming more
sophisticated. According to Verizon’s 2019
Data Breach Investigations Report on 2,013 data breaches
in 86 countries worldwide, 43 percent of attacks involved small businesses and 69
percent of attacks were committed by outsiders (rather than employees).Cyber intrusions are costly. Last year, businesses
lost more than $45 billion globally, according to the 2018 Cyber Incident &
Breach Trends Report by the Internet Society’s Online Trust Alliance.
While many small
businesses rely on IT consultants or an in-house staffer to manage their computer
security, many have come to see the value of outsourcing those functions to third
party managed
and co-managed IT, cybersecurity and private cloud services providers. That’s understandable considering that these businesses have
the capabilities to monitor, identify and manage digital attacks in real time.VSS
has seen strong demand in the financial, life sciences and professional
services sectors for managed security partners like Coretelligent, which
provides CoreArmor cyber security solutions business to safeguard its
customers’ systems and data. As the surge in online incursions continues, it’s
become imperative for many organizations overseeing large amounts of highly
sensitive data and information, to secure their IT infrastructure in real time.Knowing is Half the Battle, Understanding
Today’s Threat ContinuumThere isn’t one
cookie cutter approach to protecting your business against an online attack.
But, one thing is for sure – hackers are becoming more aggressive and attacks are
getting more sophisticated. If effective counter measures are to be deployed, it
starts with understanding the continuum of threats facing businesses today. That,
in turn, will inform strategy and improve a business’ chance of surviving or
thwarting online attacks.Viruses, stolen passwords
and denial
of access to web pages used to
be common threats companies and their employees faced. Today, the threat
environment is infinitely more advanced. Consider Ryuk and SamSam, which are different
types of ransomwear that can paralyze computer systems.Cyber intrusions impact more than an individual
employee, but also its operations, business performance and reputation. For
that reason, as Coretelligent points out it’s important to determine the total costs
– financial and others – that a company might experience from a cyber-attack.
This will help to ensure adequate resources are allocated towards an
organization’s cybersecurity before a business experiences a digital attack.Plan ProperlyPrepare for the worst. When addressing IT security planning it’s also important to
remember reputational risk as part of that calculation. This involves making
contingency planning an important priority – which includes the development of action
and communications plans for informing both employees and external audiences in
the case of a cybersecurity breech.It’s Never too LateAdditionally, there
are other measures that small business owners can take to help avoid an online
attack, such as upgrading critical
infrastructure systems and improving data storage and information sharing
practices – ideally through a third party managed IT specialist.Good
cybersecurity practices don’t begin or end with IT department staff or managers
who oversee IT department budgets. These practices start with proactively educating
rank-and-file employees and all levels of management about the current digital
threat environment and best practices for avoiding cyber intrusions.Taking
these steps together businesses will respond
more effectively to the latest threats and help maintain a robust cybersecurity
posture.
There are many ways to do DevSecOps, and each organization — each security team, even — uses a different approach. Questions such as how many environments you have and the frequency of deployment of those environments are important in understanding how to integrate a security scanner into your DevSecOps machinery. The ultimate goal is speed […]
It’s Cybersecurity Awareness Month, but security awareness is about much more than just dedicating a month to a few activities. Security awareness is a journey, requiring motivation along the way. And culture. Especially culture.That’s the point Proofpoint Cybersecurity Evangelist Brian Reed drove home in a recent appearance on Business Security Weekly.“If your security awareness program […]
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news