According to the FBI Internet Crime Report, the cost of cybercrimes reached $2.7 billion in 2020 for small businesses in the U.S. At the same time, an SBA survey found that 88% of small business owners feel their business is vulnerable to a cyber-attack. That survey also revealed many small to medium businesses can’t afford professional IT solutions, and they have limited internal resources to devote to cybersecurity.
As these trends suggest, if you run an SMB, you’re the sweet spot for cybercriminals. You may not have the financial and digital assets of large enterprises, but threat actors know you also likely don’t have the same level of security controls and on-staff expertise.
So instead of going after a large whale (i.e., enterprise) with a single harpoon, cybercriminals often cast a wide net in hopes of catching several small fish (SMBs). They know that planting malware or ransomware inside a few businesses can add up to a big payday. Cybercriminals also know that breaching one firm’s infrastructure may give them backdoor access to large enterprise partners, customers, and other SMBs with integrated system connections.
To help you take on this challenge, we recently conducted a PulseOne Tech Talk with JT Fanning, a Sales Engineer from SonicWall. We discussed how business owners want to know which threats they will likely be exposed to.
“It depends on what the company does, but while we’ve seen a decrease in malware, there has been an increase in cryptojacking, which uses compute resources to mine for bitcoin,” says Fanning. “We are also detecting more ransomware, which is the most immediate and painful attack for an SMB as their data is locked up or exposed the Internet.”
Fanning advises that businesses should not rely on their software providers to implement sufficient security controls, whether applications are provisioned as a service via the cloud or on-premises. You need to assume responsibility for your security and add your own advanced security safeguards that go beyond basic firewalls and anti-malware.
Another key aspect is to realize security as an ongoing endeavor. You can’t just “set it and forget it.”
A security strategy that was good enough five years ago simply is not good enough in today’s cyber environment.
That means setting up continuous processes to monitor your infrastructure and your digital assets. And by keeping systems up-to-date with the latest versions and patches, you can position your assets to take on the many new threats that emerge every year.
“Blend the right technology with the right deployment and support resources,” Fanning adds. “You need skilled people to handle configurations, firmware updates, patching, monitoring, and auditing to make sure the technology is set up right.”
When assessing the security posture of your business, Fanning recommends focusing on three primary areas:
Fanning also advises to assume you will be attacked at some point: “But if you don’t make it easy to breach your infrastructure, the bad guys will usually go onto another target very quickly. Don’t be the tallest blade of grass!”
If you’re looking for advanced security tools to protect your business, SonicWall offers protection that stops cyberattacks across exposure points as well as remote, mobile, and cloud-enabled workforces. And for the expertise you need to establish a strong security posture using SonicWall tools, PulseOne is here to help.
We collaborate with businesses to solve many security challenges and work with specialists like SonicWall to protect digital assets. Our security experts can complement your internal IT resources in much the same way as your internal finance team works with your CPA firm.
To learn more about securing your business to protect your digital assets, check out the Tech Talk with Chad. You can also contact us to find out how we help businesses solve many IT challenges and work with specialists like SonicWall to maximize your success.