According to the 2016 State of SMB Cybersecurity Report by Keeper Security and the Ponemon Institute, 50 percent of small businesses had been breached during the 12-month period that was studied. Smaller businesses are being targeted by cybercriminals more and more frequently, mainly because they don’t have robust security plans like many larger organizations. Smaller businesses also tend to underestimate their risk level because they don’t feel like they have anything worth stealing. If you think this is true, consider the number of school districts that have been attacked for ransom recently. So, what can you do to protect your organization?
Small Business Cyber Security Best Practices
In addition to working with a company like LightEdge to manage your security, we’ve got some other tips that can help keep your organization more secure—and for little to no additional budget dollars.
Update your software. Hackers are well aware of the vulnerabilities of out-of-date business software. Developers work continuously to release patches for their applications to keep them current and secure. But, if you don’t stay on top of these updates, your organization is open to attack.
One caveat—pay close attention to the source of these updates. A very common form of attack is for a hacker to send a notification that mirrors a Microsoft Windows or Office update to gain access to your network. Be sure you and your employees know how to verify sources of updates.
Inform your employees. This leads us directly into our next best practice. Make sure your employees are informed of the different types of cyberattacks and how cybercriminals can access your systems. Much like attacks disguised as software updates, spear phishing emails are a rampant threat today. The email appears to be from an individual or business that your employee is familiar with. These customized emails appear to be personal and request information the hackers can use to gain access to your organization’s systems. Many times, your employee won’t realize it wasn’t a legitimate business message until it’s too late—if at all. This is why it’s also important to educate your employees on ways they can tell if your system has been breached.
Establish security best practices. Require your employees to learn and adhere to them. These practices should include information about who can access which types of information from your system and for what purposes. They should also include a password policy that includes character requirements and the frequency with which employees should change their passwords.
Bring in the experts. With the level of security needed to protect your organization from cybercriminals, you need to employ seven full-time experts to monitor global and local security threats 24 hours a day to stay protected. Or, you could opt for the more budget-friendly solution of hiring a firm of experts to take care of it for you. One example is LightEdge’s Virtual Security Operations Center (VSOC), powered by QRadar Managed SIEM. We partner with leading SIEM provider Carbon Helix and their highly skilled, military-trained professionals to act as an extension of our clients’ IT staff. We provide proactive alerts on emerging threats and recommend security policy changes so our clients can make the best use of their staff resources.
With a partner in cyber security and a set of best practices in place, you greatly improve your organization’s defenses against cybercriminals. At LightEdge, we do everything we can to help our clients protect their organization’s assets, their clients, and their reputations. If you’d like more information about preventing cyberattacks and bolstering your organization’s security, call us at 877.771.3343 or contact us here.