Cybersecurity is an overwhelming topic. Many business owners know that they need to be concerned, but quite frankly it can be to hard to understand such a complicated subject. Sometimes it just feels easier to just do the bare minimum, or worse yet, nothing at all. The truth of the matter is that criminals go after small business all the time because they are easy targets and it's easy money for most of them. Stealing data that they can turn around and sell on the dark web for a quick buck. Make sure your business isn't a sitting duck, because not only is it embarrassing to get hacked, it can destroy your entire business.
Here are some scary cybersecurity statistics for you:
#1 Target – Small and Medium Businesses
Over 40% of small businesses reported some kind of cyber attack in 2019, with an average per incident cost of $200k! Amazingly, 60% of all SMBs surveyed think they aren't a target and don't need any kind of cyber security or response plan.
#1 Attack Method - Phishing
62% of SMBs experienced phishing & social engineering attacks. In fact, phishing is the number one vector for criminals to target your business. They try to load malware into resumes, fake payroll files and other interesting documents in hopes someone will click one of those links.
#1 Threat - Ransomware
Ransomware is the number one malware threat to the SMB community, causing downtime for business as well as loss of revenue and dollars paying the ransom. 45% of all small businesses experience downtime due to a breach in 2019 - lasting over 12 hours. What would your business lose if you were forced offline for 12 hours or more?
#1 Piece of Stolen Data - Your Password
70% of employees passwords have been lost or stolen and credentials represent the most common type of compromised data in 2019. This is why Dark Web monitoring is so important, to stay ahead of the bad guys stealing credentials and selling them. Over 80% of all SMB breaches are financially motivated. Check out our Blog post on passwords.
#1 Mistake - No Cybersecurity Defense
43% of SMBs lack any kind of cybersecurity defense plan. You read that right, 2 out of 5 SMBs (fewer than 500 employees) in the US don't any any cyber security in place or a plan to put it in place. Just having antivirus isn't a security plan, but worse yet, over 50% of small business don't use anything more than consume Anti Virus products!
#1 Hacked Industry - Small Business
The big brands get most of the “unwanted” media attention when they’re hacked, but the reality is, small and medium size businesses are hacked far more frequently. Cyber criminals have industries they target due to the lucrative nature of the information they maintain, "“the priority of the SMB is making money, not spending money for protection."
How can you possible protect your business in the face of this overwhelming cyber threat?
First, you need to find an expert you can trust. Gone are the days of the 'computer guy' being able to protect you. We have taken over management of countless networks that were ‘secure’, but they weren’t. The last It Company was playing checkers, while the hackers are out here playing chess. To keep you safe you need a real security expert on your side. Ransomware, hackers, state sponsored hacking, exploits, and phishing are the tools of the trade for hackers and you need a superhero on your side that can help you fight back.
We can help you fight back against hackers and criminals with our CyberCare suite of products. We like to think of security as multiple layers around your business and your employees. Our first layer of defense is to protect your email and web traffic, scanning for malicious code, bad links and bogus emails. Our next layer is to secure your workstations, servers, and network equipment - implementing cybersecurity best practices and locking the systems down so your not an easy target. The third layer is threat hunting - because if bad guys get in, we want to make it really hard for them to move off the compromised computer, and if they do, we are watching for them. Ready to pounce and lock them out. Our final layer of cybersecurity is training, because we can implement all the tools in the world, but if users are using bad passwords and clicking all the bad links, they are inviting the bad guys in your front door. We use trainings and policies to help ensure your staff are on the lookout for bad guys too!
Dark Web Monitoring
We monitor the dark web looking for stolen credentials and leaked passwords. Most businesses don't even realize they have data for sale, and most hackers are lazy and take the easy way out! If I can just buy your credentials, why would I ever work hard to get them? They simply purchase stolen credentials and then try to log into your email, banking, and line of business apps. Since most users suck at changing and separating passwords, one stolen account can get them a long ways into your network!
Foothold Hunting
It’s not efficient for a hacker to get you to keep clicking a link everytime they want to steal some data. Most hackers establish a ‘foothold’, which allows them to come back to your computer again and again. We look for these footholds and kick the hackers out if we find any. Currently, the average time to detect a breach is over 90 days – we want to cut that to hours and then force them out before they can do any damage.
Endpoint Security - Start with Zero Trust
Endpoints - all your desktops and laptops - are the typical entry point for a cyber attack. We use advanced endpoint security, including Zero Trust and EDR (Endpoint detection and response) solutions to stock cyber attacks in their tracks. Zero Trust cybersecurity follows a 'deny by default' model and then we use advanced cloud security scanning and machine learning to make your business as hard to hack as possible. Those are all just big words for 'we used the latest and greatest tech to stop cyber attacks'!
Content Filtering and Secure DNS
Most people think of content filtering when they want to block bad websites (porn, time wasters, etc), but we deploy filtering software that blocks unwanted and malicious sites as well. These cloud security products help us to secure your network from errant clicks. We also use an agent on the computer, so the filtering will follow employees home and on the road. Don't let your protection stop when someone leaves for the day!
Phishing Training
Time and time again research shows the weakest link in your cybersecurity is the user. Hackers send out phishing emails and your users click the link, fill out the malicious form or fall victim to the scam. With our phishing and cyber security tips you can keep security top of mind and keep your network secure.
Security Training
People are the biggest weakness in your network, so we send out weekly Tech Tips and other trainings to help ensure you have educated users, on the lookout for the latest spear phishing attacks.
Monitoring, Updates and more
We don't just stop with the above advanced security features, we make sure your systems are up to date and monitor them for issues to keep your network running smooth.
Want DIY cybersecurity? While we don't recommend it, fill out the form below to get our guide to practical steps you can take in your business, right now. Just remember, you wouldn't want an untrained doctor to do surgery. With data privacy laws YOU could be liable for a lack of cybersecurity. Don't chance it. Give us a call for a free cybersecurity audit, no high pressure sales included.
Not sure CyberCare is the right package for you? Which one of these describes you best? Or, just give us a call and we can help you sort through the services.
Technology is critical to my business and I have cybersecurity or compliance worries. I value quality IT services and I’m looking for hassle-free, high value, IT support and technology guidance.
I am less worried about cybersecurity because I’m not in a regulated industry, but I do require quality remote and onsite IT support from reliable experts.
I need Cybersecurity services, but my company has minimal day to day IT support needs. Most of our apps are cloud-based.
