Common Cybersecurity Threats for Small to Medium Sized Businesses
October marks the beginning of Cybersecurity Awareness Month, a month-long campaign to raise awareness of the need for a collective and proactive approach to cybersecurity. The campaign comes when the threat to businesses is greater than ever. According to the FBI, since the beginning of the pandemic, there has been a 300% increase in reported cybercrimes, with a majority targeted at small-to-medium-sized businesses (SMBs). This increase is likely due to the global shift to remote work, with employees accessing company infrastructure from their home network and IT teams maintaining it remotely. Common Threat Vectors for SMBs A threat vector is a pathway or method used by an attacker to access the target system. These attackers can then steal data, information, or money from individuals or businesses by exploiting these vulnerabilities and gaining access to the system, such as the company’s IT infrastructure or employee’s email). Once they gain access, they are able to remotely control the IT infrastructure, install malware or ransomware, or steal data and other resources. Weak or Compromised Credentials Bad actors obtaining access to user credentials is one of the most common ways for cybercriminals to access target systems. There are several ways for them to obtain these credentials, such as when users fall victim to phishing attempts and provide their usernames and passwords to authentic-looking websites or use common/weak passwords that can be easily guessed. However, it is not only users who can have their passwords compromised. Network devices and servers also have credentials that can be compromised, where one compromised server can allow machine-machine movement throughout the network. To help avoid this risk, make sure that effective password policies are in place to avoid weak/common passwords and usernames, and enable multi-factor authentication (MFA) to reduce the possibility of breaches. Malicious Insiders A malicious insider is usually an unhappy employee who aims to sabotage or damage the organization that they work for. This type of threat is particularly difficult to protect against as employees need access to critical systems and sensitive data in order to operate the business. An employee with bad intentions can potentially disrupt business operations with actions such as deleting critical data or backup or providing secret information to a competitor. To try to mitigate this threat, limit access to critical systems to a minimum number of employees, monitor data and network access, and keep frequent backups of critical infrastructure Phishing Emails & Ransomware Phishing is a tactic used by cybercriminals to gain access to users’ credentials, banking details or to convince users to download potentially malicious malware or ransomware onto their machines. Many phishing emails share common features, such as attention-grabbing offers and statements, portraying a sense of urgency, and unexpected attachments. Even attachments with familiar file types should not be clicked on unless the authenticity of the sender is known, as it may contain viruses like ransomware. Ransomware is a growing concern for SMBs. Not only is ransomware becoming more and more prevalent, but the ransom to be paid is increasing as well. There are numerous ways ransomware can infect a system, from phishing attacks that depend on user error to more targeted attacks that depend on exploiting vulnerabilities in a business’s network. In the fight against ransomware, it is important to keep operating systems and applications patched and up-to-date to minimize vulnerabilities—install proper antivirus software and implement a solution for business continuity to quickly failover in case of a ransomware attack. Focusing on Cyber Resilience It is almost impossible to eliminate these attack vectors completely. As user error is a large component of all these common threat vectors, cybersecurity measures alone are not enough. Implementing a proper cyber resilience strategy to quickly and effectively recover from attacks is the only way to ensure that your business does not become the victim of a cybercrime. Datto’s Unified Continuity solutions can enhance your cyber resilience strategy by providing point-in-time restores to quickly recover and minimize downtime from events like disasters, malicious insiders, and ransomware. Interested in learning more about our Cybersecurity solutions? Give us a call or shoot us a message here: https://boring.com/contact-us/ Source: Nina Novak, Datto Blog
3 Key Cyberthreats Schools Need To Keep In Mind
With valuable, and often underprotected data, education institutes are prime targets for cyberattackers. On top of regular security challenges faced, the new complexities stemming from COVID-19 are offering cybercriminals tailormade scenario for attacking school networks, and giving education institutes even more security challenges that need to be addressed to keep students and student data safe and secure. Let’s take a closer look at some of the challenges these institutions must address: 1. Phishing scams We’re seeing an uptick in coronavirus phishing scams, and so the chances of phishing emails making their way into the inboxes of teachers, administrators, and students is high. Staff must be provided with comprehensive guidance that allows them to identify such emails. It’s critical to deploy advanced email security that blocks phishing emails, prevents data loss, encrypts email, and offers comprehensive protection against phishing. 2. Shortage of skilled IT security staff This is a challenge not unique to schools, but lack of skilled IT staff particularly leaves a school network susceptible to threats. Schools are shut down to control the spread of the pandemic. At most, there’s a skeletal staff at work, or else everyone is working from home. When this happens, who takes charge of your school’s IT security needs? Schools can find themselves with no one pushing network security, device management, and endpoint security policies. Critical reports identifying risky users, or which offer more information about regulatory compliance might not be leveraged effectively. This can give cybercriminals an opportunity to exploit weaknesses in your cybersecurity infrastructure to infect the network. The answer to this challenge is managed threat response services (MTR). This service offers an expert team to deliver threat hunting, detection, and response services 24/7, so that you don’t have to. You don’t have to worry about spotting suspicious behaviors or whether your cybersecurity configuration is on point because the team manages all security needs for your education institute. 3. Advanced malware attacks As students and teachers spend more time online during coronavirus lockdowns, they are susceptible to inadvertently becoming victims of an account takeover, unintentionally or carelessly sharing their information with cybercriminals. This allows criminals to log in to your school’s network, launch a ransomware attack, and take control of sensitive student data. The solution is to deploy advanced endpoint protection technologies to stop the attack chain and predictively prevent such attacks, features should also include automatic roll back to pre-altered state if files are encrypted. This will help protect data if students or teachers are using school-supplied laptops or tabs. If they are using their own devices to access school resources, it is imperative they install a cybersecurity solution specifically catering to the needs of home users. To maximize their safety, schools must also deploy a next-gen firewall that detects and blocks ransomware at the gateway, and also prevents its lateral movement. Boring can help We protect companies and organizations with proven solutions and services for the full cybersecurity lifecycle. Our offerings include independent consulting for your information security requirements and enterprise solutions for IT risk management and continuous compliance. Some of our services include assessments, policies, prevention, protection and recovery for IT network systems. We are equipped to help businesses make decisions about their IT infrastructure and reduce their exposure as it relates to data protection and cybersecurity. Reach out to us today for a network assessment so our team can assess your vulnerability and discover which services and products will work best for you. Source: Sophos NEWSAuthor: Indrajeet Pradhan
Humans And Cybersecurity Practices
Based on a comprehensive survey of 5,000 IT managers across 26 countries, Cybersecurity: The Human Challenge provides brand new insights into the state of cybersecurity skills and resources across the globe. It reveals the realities facing IT teams when it comes to the human-led delivery of cybersecurity, and explores how organizations are responding to the skills challenges they face. The study also exposes unique insights into the relationship between an organization falling victim to ransomware and their day-to-day cybersecurity practices. Key findings IT teams are showing progress in many battles IT teams are on top of patching. Three-quarters of IT teams apply patches to desktops, servers, applications, and internet-facing assets within a week of release. Servers and internet-facing assets are patched most quickly, with 39% of respondents patching them within 24 hours. Prevention is prioritized. On average, IT teams dedicate nearly half their time (45%) to prevention. After that, 30% of time is spent on detection and the remaining 25% is spent on response. IT managers are keeping up to date with cybersecurity. The majority (72%) say that they and their teams are up to date with or ahead of cybersecurity threats. Just 11% think they are significantly behind. Improving cybersecurity requires people – who are in short supply There is an urgent need for human-led threat hunting. Forty-eight percent of respondents have already incorporated human-led threat hunts in their security procedures and a further 48% plan to implement them within a year. The cybersecurity skills shortage is directly implementing protection. Over a quarter (27%) of managers said their ability to find and retain skilled IT security professionals is the single biggest challenge to their ability to deliver IT security, while 54% say it is a major challenge. Organizations are changing the ways they deliver security Improving operational efficiency is a key priority. Four in ten (39%) respondents said that improving operational efficiency and scalability is one of their biggest priorities for the IT team this year. Outsourcing IT security is rising fast. Currently, 65% outsource some or all of their IT security efforts. This is set to rise to 72% by 2022. The percentage of organizations that exclusively uses in-house staffing will drop from 34% to 26%. Ransomware victims display different behaviors and attitudes than those who haven’t been hit Ransomware victims are more exposed to infection from third parties. Twenty-nine percent of organizations hit by ransomware in the last year allow five or more suppliers to connect directly to their network – compared to just 13% for those that weren’t hit. Ransomware damages professional confidence. IT managers whose organizations were hit by ransomware are nearly three times as likely to feel “significantly behind” on cyberthreats than those that weren’t (17% vs. 6%). Being hit accelerates implementation of human-led threat hunting. Forty-three percent of ransomware victims plan to implement human-led hunting within six months, compared to 33% for those that didn’t suffer an attack. Victims have learned the importance of skilled security professionals. More than one-third (35%) of ransomware victims said recruiting and retaining skilled IT security professionals is their single biggest challenge when it comes to cybersecurity, compared to just 19% who hadn’t been hit. Download the full PDF report for more findings, including results for each of the 26 countries surveyed. About the survey Sophos commissioned specialist research house Vanson Bourne to survey 5,000 IT managers during January and February 2020. Sophos had no role in the selection of respondents and all responses were provided anonymously. Respondents came from 26 countries across six continents: Australia, Belgium, Brazil, Canada, China, Colombia, Czech Republic, France, Germany, India, Italy, Japan, Malaysia, Mexico, the Netherlands, Nigeria, the Philippines, Poland, Singapore, South Africa, Spain, Sweden, Turkey, UAE, the UK, and the US. Fifty percent of respondents were from organizations of between 100 and 1,000 employees, and 50% were from organizations of between 1,001 and 5,000 employees. Respondents came from a range of sectors, both public and private. Source: Sophos.com, Sally Adam
Break-Fix vs. Managed Services IT Support
In recent years, managed services has become the go-to model of IT management, offering a number of key advantages over the older break-fix model. For companies looking for a more effective and affordable approach to IT management, managed services certainly has a lot to offer. Below, we’ll take a look at the key differences between these two models of IT management in order to help you determine which one is right for your company. The Benefits of Managed Services over Break-Fix IT Management For many years, break-fix was really the only model of IT support that companies were able to purchase. Under this model, the company would have to wait until a piece of hardware or software malfunctioned before they were able to call in an IT service to fix it, hence the name “break-fix”. With managed services, though, companies are able to take a much more proactive approach to IT management. Rather than paying for costly repairs every time something breaks down, managed services enables companies to pay a monthly fee for ongoing IT management and support. The benefits of this new model are numerous. First and most important, the managed services model allows companies to actively prevent IT issues rather than just responding to them as they happen. This helps companies avoid the costly downtime that IT issues can cause as well as often times avoid the cost of repairs. The managed services model is also a much more comprehensive approach to IT management. Under the break-fix model, IT service providers have no real incentive to invest in network management tools, no real incentive to make your network as stable as possible, and even no real incentive to protect your network against future issues. After all, every time there’s a problem, they make money. With managed services, though, this is not the case, as managed services providers are paid a monthly fee to offer comprehensive IT support that remains the same regardless of how many issues they must repair. Taking Advantage of Managed Services The proactive approach of managed services, the fact that managed services providers are incentivized to keep your network operating as best as possible, and several other key benefits make managed services the go-to model of IT management for most companies. If you would like to learn more about how we are able to help you and your company take advantage of all the benefits that managed services has to offer, we invite you to contact us today. Boring Business Systems is a managed service provider in Tampa, Lakeland, and surrounding areas.