Why Your Small Businesses Needs Cybersecurity

In the IT world, cybercrimes and data breaches are becoming more and more common. And, unfortunately, it doesn’t matter what size your business is or what type of information your business has, everyone is fair game.

Most small businesses don’t think they’re a Target for Cyber Crime – They Are

Over 80% of small-medium-sized businesses believe they are not at risk of a cyberattack. Yet the 2017 State of SMB Cybersecurity Report indicates that over 61% of small businesses were breached between September 2016 and September 2017 with employee negligence being the No. 1 cause of a breach.

Small- and medium-sized businesses are a prime target for attackers because they tend to be easier targets. They’re often less secure and unprepared for attack. (Think about burglars that go after houses where they know no one is home – it’s a similar concept!)

You May Underestimate the Value of Your Information. You’re The Only One.

It doesn’t always seem like it, but every business has data worth stealing. Did you know that the average cost per lost or stolen record is $158? It may not seem like a lot, but this number grows quickly once these records are stolen by the hundreds or thousands. In the past year, the number of records stolen during SMB cybersecurity breaches has nearly doubled to 9,350 records. That means the average breach will cost a company $1,477,300.

What’s the Risk of Cyber Crime In a Small Business?

When you look at the risk of cybercrime, here are a few things to think about:

  • 61% of small businesses report experiencing a data breach in 2017.
  • 79% of small businesses do not have an incident response plan. Without one, you may never fully recover when a security incident becomes a reality.
  • Over 50% of U.S. companies’ sensitive data can be accessed via an employee’s smartphone or tablet.
  • The average cost of a data breach is estimated at a staggering $1.48 million per company.
  • 60% of companies that lose their data due to an attack or disaster will shut down within six months.

The Unseen Costs of a Breach

There’s a less obvious consequence from cyberattacks. Your company’s reputation. The reputable brand you’ve worked so painstakingly over the years to build and protect can be wiped out with one breach. Though it may not show up on a balance sheet, it’s a key component to your success.

Your current customers can lose confidence in your ability to keep their data safe and will question their loyalty to your business. Potential customers may see the breach and lose trust in you as a potential partner. Employees will question your management. Vendors might seek other partners, and competitors will seize on the opportunity as a competitive advantage.

If you have data, you’re a potential target. Small businesses in particular are increasingly at risk because criminals expect you to be an easy target. The costs can be overwhelming and staggering, and just one breach can cost you your reputation and your business.

Working with a managed IT company with specific expertise in IT security is a critical insurance policy to ensure the longevity of your business. Deerwood Technologies is the only IT company in the region with security skills in the specific disciplines required to give you the most comprehensive coverage, from defensive security to employee risk training.

Don’t make it easy for criminals; trust the security experts with your livelihood. Contact us today online or call us at 218-534-5357.

Information about Meltdown and Spectre Hardware Exploits

We provided the following to our GUARDIAN Support Clients on Friday:

Earlier this week the existence of two CPU related security vulnerabilities was released to the general public. These vulnerabilities affect most modern computing device processors (including Intel and AMD), and allow an unauthorized process access to privileged system memory.

There are currently no known active exploits of these vulnerabilities.

Microsoft has released a Security Only Update on January 3, 2018 to address this vulnerability for Windows devices. This patch has a known compatibility issue with most antivirus programs. If this patch is applied prior to pending updates by your antivirus vendor, your computer will not boot.

On January 9th Microsoft will be releasing their Monthly Security Patch Rollup, which contains the same patch, but will automatically detect if your antivirus software has been updated to be compatible.

Actions and plans: 

GUARDIAN Support clients will only need ensure your computers are left online during their normal patch cycle. Patches will automatically be deployed, in the correct order, over the next few days.

If you have any questions or specific concerns, please contact us.

Thank you for your business!

 

Sensitive data demands special attention

If you need to maintain compliance of any sort, your company needs to ensure that you’re up-to-date on all the proper requirements and regulations. Too many businesses run without sufficient policies, plans and procedures.
Join us for a 1-hour webinar, “5 Hidden Threats That Put your IT Systems at Risk” on January 10th at 1:00pm
 Thorough discovery and assessments BEFORE a regulatory audit can uncover security issues and provide corrective action to help avoid potential data breaches and fines.
Seating is limited, so register today.
Picture1 Picture2a

Do you have the budget, skills or resources to have inhouse experts devoted solely to cybersecurity?

Dedicated Cybersecurity Expertise Combined with Advanced Threat Intelligence

You may have employees who handle cybersecurity along with other general IT responsibilities, but that’s not enough. Through no fault of your own, you’re unprepared to protect against and remediate these cyber
threats. If you’re attacked, you won’t be ready.

A Managed Security Services Provider (MSSP) provides the proactive, preventative maintenance and technology you need to secure your  workstations, servers, devices and networks. Working with an MSSP is also a more cost-efficient way to address your information security needs.

Some additional benefits you’ll receive include:

Multi-Layered Threat Protection and Prevention
You don’t always have the time, bandwidth or resources to stay up-to-date on the latest security processes and implement the proper defenses to keep your network protected. The easiest and most beneficial solution for you is to partner with an MSSP like us and fully leverage our services and expertise.

Together, we can minimize your business’ risk and develop a plan that focuses on resiliency, not only prevention. The best approach to IT security is a multi-layered approach (education, prevention, preparation, response)  and we can provide that with you.

Simplified Management
If your IT security strategy is a patchwork of different devices from multiple vendors, it may be putting too much strain on your in-house team to manage. Our unified threat management and cybersecurity services allow for a more centralized management of threats to local and remote
environments from a single console. And as your MSSP, we can take care of the deployment, management and monitoring for you – thereby addressing your security needs in an efficient and simplified manner.

Your Ultimate Failsafe
We can be the expert you can turn to in case of a ransomware or other cyber attack.  As your MSSP, we’ll give you the steps you need to take so as to minimize interruption to your business and profitability, and also provide you and your employees with training and education to prevent future
attacks. The key to protecting your business is to take preventative measures now. When you work with us, you can rest easy knowing that your network is secure, your data is protected and that we’re available 24x7x365 for any and all of your support needs.

After reviewing our CyberSecurity Checklist to assess your security posture, contact us today at 218.534.5357 to schedule an appointment to discuss how our expert services team can help with your IT support needs.

Are your employees helping hackers?

Consider what happens when a threat bypasses perimeter defenses and targets an employee—in the form of a malicious email or text, or even a voicemail that might prompt a response with confidential company information.
Your employees need to practice strict and secure cybersecurity habits— not only to thwart digital attacks, but also to prevent someone from simply walking by their desk (in the office or at home) and picking up a device or document that contains sensitive information.
It only takes one incident to completely destroy any goodwill you’ve  established and built with your customer base.  Educating your staff on what it takes to protect proprietary documents and data is critical.
Download our e-book: Cybersecurity Tips for Employees, then contact us to schedule Security Awareness Training  – provided as part of our GUARDIAN Managed Security Services.

IT security must continually be revisited

Data Security Now Requires Consistent, Vigilant Monitoring and Maintenance 

With all of the various threats to your company’s data and factoring in the impact of exploited network or system vulnerabilities, you simply don’t
have the time to do what it takes to keep your business secure.

If you don’t have someone constantly and actively monitoring your network, you may not detect any issues until it’s too late. What if you didn’t know you were hit with ransomware until after the ransom payment window closed, and you couldn’t access any of your files?

The average time to detect malware or criminal
attack is 170 days (Heimdal Security).

Examples of time-consuming, but necessary cybersecurity tasks you can offload include:
Reviewing firewall rules
Updating your firewall
Patching the latest vulnerabilities discovered
Maintaining required controls and standard certifications, such as: ISO, SSAE16, HIPAA, SOX, etc.
Filtering web content
Updating software

Download our CyberSecurity Checklist to see where your company currently stands.

If you have questions about keeping up with your company’s security – whether it’s in-house or outsourced – contact us today. We’ll be glad to begin the conversation with you!

December 9th: electronic recycling drive

Looking to purge before the holidays?! There’s no better way than to collect your old electronics pieces, parts, and paraphernalia and bring it to us for safe recycling.

Below is the flyer for our bi-annual event – set for Saturday, December 9th from 10am to 2pm. Let’s see if we can beat May’s total weigh-in of 2,910 pounds of electronics!

RecyclingDrive12.9.17

Don’t Risk Your Reputation

Besides the cost and lost productivity that we’ve mentioned in past blog posts, there’s a less obvious consequence from cyber-attacks… your company’s reputation. You’ve probably worked for years to build a solid image and reputable brand. And even though it may not show up on a balance sheet, it’s a key component to your success.

Here are a few ways in which a company’s reputation is affected by a cyber-crime:

  • Current customers lose confidence in your ability to mitigate another breach and may begin to question their loyalty to your business.
  • Potential customers may immediately rule you out as a partner.
  • Employees question the management or leadership’s competence if the situation isn’t handled quickly and efficiently; frustrations mount the longer they’re ‘left in the dark’ and work doesn’t get back to normal.
  • Vendors may seek other partners, wondering if (or when) it will happen again.
  • Competitors notice the weakness and capitalize on the competitive advantage they now have.

And don’t be fooled into thinking that cyber criminals will overlook you because you’re a start-up or located in a rural area or part of lesser-known industry. If you have data – and every business does – you’re a target for them.

If you have questions about your company’s security, contact us today. We’ll be glad to begin the conversation with you!

Cyber security – more facts!

Small and medium-sized businesses are a prime target for attackers because they tend to be easier targets. They’re often less secure and unprepared for attack. (Think about burglars that go after houses where they know no one is home – it’s a similar concept!)

Besides the facts we shared last week, here are a few more facts about cyber crimes and their impact on small and medium-sized businesses:

  • Did you know that 79 percent of small businesses do not have an incident response plan? Without one, you may never be able to fully recover when a security incident becomes a reality. (Nationwide Cyber Security Survey)
  • An IBM and Poneman Institute study found that the estimated global average cost of a data breach was a staggering $3.62 million. (Cost of Data Breach Study)
  • Similarly, 60 percent of companies that lose their data due to an attack or disaster will shut down within six months. (Boston Computing Network)

This information is intended to help make an informed decision about what cyber-security solution is right for your business. Investing in an outsourced cyber-security solution to protect against the expanding threat landscape can help mitigate damages inflicted upon your business. When you’re ready to get serious about IT security, keep our team in mind – we’re here to help!

Today’s cyber-security landscape: a few facts!

In the IT world, cyber-crimes and data breaches are becoming more and more common. And unfortunately, it doesn’t matter what size of business or type of information, everyone is fair game. We’re finding that whether it’s credit card data, client records, vendor contracts, or other private information… even your small business data is worth big money.

Here are a couple tidbits about today’s cyber-security world:

Many small businesses think that they’re not a target!

In fact, 82% of small-medium sized businesses (SMBs) say they’re not targets for attacks as they don’t have anything worth stealing. (Towergate Insurance). However, 55% of SMB respondents have experienced a cyber-attack in the past year, and another 50% have experienced a data breach involving customer and employee information. (2016 State of SMB Cybersecurity)

You may underestimate the value of your information.

It doesn’t always seem like it, but every business has data worth stealing. Did you know that the average cost per lost or stolen record is $158? It may not seem like a lot, but this number grows quickly once these records are stolen by the hundreds. (Cost of Data Breach Study)

Remember… from audits to zero-day threats and everything in between, we’re here to help you navigate today’s security landscape!