Forty-three per cent of cyber attacks are against small and medium-sized businesses (SMB), according to recent Verizon data. However, only 14 per cent of them say they’re prepared for it.
Smaller organizations may believe they won’t be targets because they think their data isn’t “important,” said Stephen Nichols, Solution Engineer with Acronis at a recent ITWC briefing. But they need to think again. “The cyber criminals may not want your data, but they want your money,” he said. “Your money is just as good as anyone else’s.”
Cyber attacks have increased by 400 per cent since the start of the pandemic and are becoming increasingly sophisticated. “The most insidious new tactic we’ve seen is double extortion ransomware,” said James Slaby, Director of Cyber Protection at Acronis. In this case, the attackers steal sensitive information and threaten to release it if the ransom isn’t paid.
View on demand: “It’s time for SMBs to focus more on business continuity”
For small businesses, the cost of a successful breach costs an average of $200,000. “Since a cyber attack is inevitable, you must have a plan in place in order to prevent, detect, respond and recover from that event,” said Slaby.
Simplify your cyber life
On average, most enterprises have 45 tools to combat cyber threats. But since these solutions aren’t integrated, this piecemeal approach can create security gaps.
“You need a comprehensive solution,” said Nichols. Organizations need to unify cyber security to protect all data, applications, and devices, wherever they are. The ability to manage everything on a single pane of glass eliminates complexity, lowers costs, and improves security posture, he said.
To keep up with new types of attacks, the solution must include artificial intelligence, said Slaby. “Machine intelligence detects behaviour that isn’t typical in your organization,” he said. For example, if someone started moving data to an offshore server, the system would identify and block that activity.
Disaster recovery (DR) is another essential component of an overall solution. “Ransomware attackers will go after your backups and try to disable your ability to recover,” said Biren Jajal, Disaster Recovery Consultant with Acronis. That’s why it’s necessary to have a data copy offsite in the cloud protected by log-in controls. “This allows you to spin up a server from any backup snapshot in the cloud so that you can minimize downtime and data loss and continue operating the business,” said Jajal.
Virtualization and the cloud have made disaster recovery as a service available to every size business. “It’s a very quick and easy way to deploy a DR strategy at a minimal cost so you can safeguard the business,” Jajal said.
Rely on a Managed Service Provider
Slaby recommends that the best approach for small businesses is to work on a strategy for cyber protection with a managed service provider (MSP). Indeed, 59 per cent of SMBs expect to outsource all their security. “Relying on the expertise of MSPs makes a huge difference because they operate at scale and have investments in tools and skills that SMBs can’t compete with on a cost basis,” he said.
“By leveraging that expertise and consolidating the different dimensions of your cyber protection strategy, the more effective your overall solution is going to be,” said Slaby.
View on demand: “It’s time for SMBs to focus more on business continuity”