You’d have to be pretty out of the loop to ignore the news of cyberattacks lately. They’ve grown so effective they’ve become a weapon of war between nations—and a threatening agenda item at the negotiating table. In the past several months, we’ve learned of data breaches and ransomware attacks that have stymied huge companies. At the same time, cybercriminals both foreign and domestic are turning their attention to the small to medium-size businesses that comprise a huge part of the U.S. GDP.
If this is worrisome, you’re not alone. According to a survey conducted by the Small Business Administration, 88 percent of small business owners feel vulnerable to cyberattacks. Some statistics say up to 60 percent of small businesses fail within six months of an attack.
It makes sense if you think about it. The payoff with these smaller companies is certainly much lower than going after huge, high-profile companies, but the target is much more likely to exhibit vulnerabilities that are comparatively easy to exploit. Even worse, there are criminal enterprises out there offering the tools to conduct these nefarious operations as SaaS applications, software as a service for ripoff artists. What is your business worth to you?
Many businesses run their IT like it’s a burden rather than as a tool that’s critical for their growth and delivery of their services. The result can mean outdated hardware that can’t handle the latest and greatest protections devised, software that isn’t patched and updated, and team members that can be unaware of the importance of safeguarding their devices and passwords. Perhaps worst of all, some attacks take place months prior to anyone finding out, due to a loophole in a software you didn’t even know you were running.
“Consider what you’re doing currently,” says Tony Quijano, lead network administrator of Northstar, Inc. “Review your network with an eye to closing the weak points, make sure your staff uses common-sense security practices, and get set up with server monitoring.”
Server monitoring with an eye toward managed threat response has come a long way in recent times. It’s automated and impossible to get past, since any incursion sets off an alert that server use is heavier than normal at any given time. “Knowing about the unauthorized access is one thing, but having the tools to stop it at that moment is how the business gets protected,” Quijano says. “Like anything, the key is to plan ahead.”
Consider creating a program for managed threat detection and response for your business. While every business owner hopes an attack never comes, that’s not really a viable strategy in today’s environment. Instead look at the risks and the potential solutions, and create a plan that tips the balance in your favor. After all, your network is your business. Protect it.