Cyber Criminals Attack SMB’s
Big Business has finally heeded the decades-long warnings from security experts and has invested enough in security to make it difficult, expensive and risky for cyber criminals to attack them.
So who are the victims now?
Cyber criminals are looking for easier and safer ways to make money by attacking small and medium sized businesses according to ”Verizon’s 2012 Data Breach Investigations Report”. Verizon’s security research director, Wade Baker, says that cyber criminals are mass producing attack techniques and targeting small- and medium-size businesses (SMB’s).
What should smaller organizations do? Obviously, you don’t have the same level of resources as big business, but the potential cost of a breach means you can’t afford to ignore the risk either. In recent studies, the average organizational cost of a data breach was $5.5 million and the cost per lost or stolen record was $194.
The first line of defense is with a reliable, well trained support provider who will furnish you with the tools necessary to fend off cyber criminals. This includes – among other things – anti-virus software, host intrusion detection/prevention tools, firewalls, e-mail scanning and WEB security technology. They can give you as much (or as little) support as you require. And they can help you with the risks listed below.
A recent risk assessment study ranked the risks to small/medium sized businesses in the following order.
· Vulnerability Management: You need to find and remedy software vulnerabilities on servers and desktops. Focus on critical systems first and be sure to include third party applications. Your support provider is a strong resource here.
· Endpoint Protection: This refers to the tools listed above that your support provider can furnish and set up.
· Strong Password Policies: You must rigorously enforce changing default passwords, not sharing passwords, setting up complex passwords that are changed frequently on a regular schedule. CounterPoint SQL retail software is your line of defense here.
· Security Awareness: Workers must be trained on company security policies and common threats. They must know how to respond to suspicious activity and how to use computers safely. NOTE: social networks can be a major threat if introduced into your business environment and user access should always be forbidden in the workplace.
· Access Control: Minimize the number of staff with administrative access. Easily done with CounterPoint SQL.
· Denial-of-Service Mitigation Plan: This is imperative for any business that relies on the Internet.
No system can be made entirely impenetrable, but putting the procedures listed above into practice will go a long way in that direction.
Talk to you soon. ~Norma
p.s. Earlier this month, CCS sent out more information to all who subscribe to our email notifications – on how to protect your system and avoid theft and potential credit card processor fines. There is a risk assessment audit that you can request for your CounterPoint system. Contact us at sales@ccscentral.com